28.0.1

28.1.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

Fix dockerd-rootless-setuptool.sh incorrectly reporting missing iptables. moby/moby#49833
containerd image store: Fix a potential daemon crash when using docker load with archives containing zero-size tar headers. moby/moby#49837

Packaging updates

Update Buildx to v0.23.0. docker/docker-ce-packaging#1185
Update Compose to v2.35.1. docker/docker-ce-packaging#1188

Networking

Add a warning to a container's /etc/resolv.conf when no upstream DNS servers were found. moby/moby#49827

28.1.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 28.1.0 milestone
moby/moby, 28.1.0 milestone
Changes to the Engine API, see API version history.

New

Add docker bake sub-command as alias for docker buildx bake. docker/cli#5947
Experimental: add a new --use-api-socket flag on docker run and docker create to enable access to Docker socket from inside a container and to share credentials from the host with the container. docker/cli#5858
docker image inspect now supports a --platform flag to inspect a specific platform of a multi-platform image. docker/cli#5934

Bug fixes and enhancements

Add CLI shell-completion for context names. docker/cli#6016
Fix docker images --tree not including non-container images content size in the total image content size. docker/cli#6000
Fix docker load not preserving replaced images. moby/moby#49650
Fix docker login hints when logging in to a custom registry. docker/cli#6015
Fix docker stats not working properly on machines with high CPU core count. moby/moby#49734
Fix a regression causing docker pull/push to fail when interacting with a private repository. docker/cli#5964
Fix an issue preventing rootless Docker setup on a host with no ip_tables kernel module. moby/moby#49727
Fix an issue that could lead to unwanted iptables rules being restored and never deleted following a firewalld reload. moby/moby#49728
Improve CLI completion of docker service scale. docker/cli#5968
docker images --tree now hides both untagged and dangling images by default. docker/cli#5924
docker system info will provide an exit code if a connection cannot be established to the Docker daemon. docker/cli#5918
containerd image store: Fix image tag event not being emitted when building with BuildKit. moby/moby#49678
containerd image store: Improve docker push/pull handling of remote registry errors. moby/moby#49770
containerd image store: Show pull progress for non-layer image blobs. moby/moby#49746

Packaging updates

Add Debian "Trixie" packages. docker/docker-ce-packaging#1181
Add Fedora 42 packages. docker/containerd-packaging#418, docker/docker-ce-packaging#1169
Add Ubuntu 25.04 "Plucky Puffin" packages. docker/containerd-packaging#419, docker/docker-ce-packaging#1177
Update BuildKit to v0.21.0. moby/moby#49809
Update Compose to v2.35.0. docker/docker-ce-packaging#1183
Update Go runtime to 1.23.8. docker/cli#5986, docker/docker-ce-packaging#1180, moby/moby#49737

Networking

Fix a bug causing host port-mappings on Swarm containers to be duplicated on docker ps and docker inspect. moby/moby#49724
Fix an issue that caused container network attachment to fail with error "Bridge port not forwarding". moby/moby#49705
Fix an issue with removal of a --link from a container in the default bridge network. moby/moby#49778
Improve how network-endpoint relationships are tracked to reduce the chance of the "has active endpoints" error to be wrongfully returned. moby/moby#49736
Improve the "has active endpoints" error message by including the name of endpoints still connected to the network being deleted. moby/moby#49773

API

Update API version to v1.49. moby/moby#49718
GET /image/{name}/json now supports a platform parameter allowing to specify which platform variant of a multi-platform image to inspect. moby/moby#49586
GET /info now returns a FirewallBackend containing information about the daemon's firewalling configuration. moby/moby#49761

Go SDK

Update minimum required Go version to go1.23. docker/cli#5868
cli/command/context: remove temporary ContextType field from JSON output. docker/cli#5981
client: Keep image references in canonical format where possible. moby/moby#49609

Deprecations

API: Deprecated AllowNondistributableArtifactsCIDRs and AllowNondistributableArtifactsHostnames fields in the RegistryConfig struct in the GET /info response are omitted in API v1.49. moby/moby#49749
API: Deprecated: The ContainerdCommit.Expected, RuncCommit.Expected, and InitCommit.Expected fields in the GET /info endpoint were deprecated in API v1.48, and are now omitted in API v1.49. moby/moby#48556
Go-SDK: cli/command/image: Deprecate RunPull: this function was only used internally and will be removed in the next release. docker/cli#5975
Go-SDK: cli/config/configfile: deprecate ConfigFile.Experimental field. Experimental CLI features are always enabled since version v20.10 and this field is no longer used. Use ConfigFile.Features instead for optional features. This field will be removed in a future release. docker/cli#5977
Go-SDK: deprecate pkg/archive, which was migrated to github.com/moby/go-archive. moby/moby#49743
Go-SDK: deprecate pkg/atomicwriter, which was migrated to github.com/moby/sys/atomicwriter. moby/moby#49748
Go-SDK: opts: remove deprecated PortOpt, ConfigOpt, SecretOpt aliases. docker/cli#5953
Go-SDK: registry: deprecate APIEndpoint.Official field. moby/moby#49706

28.1.0-rc.2

For a full list of changes from the last release candidate refer to the diff:

New

Add a new flag --use-api-socket to enable access to Docker socket from inside a container. docker/cli#5858

Packaging updates

Update BuildKit to v0.21.0. moby/moby#49809

Networking

Make sure older Engine versions won't panic when downgrading from v28.1. moby/moby#49812

28.1.0-rc.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 28.1.0 milestone
moby/moby, 28.1.0 milestone
Deprecated and removed features, see Deprecated Features.
Changes to the Engine API, see API version history.

New

Add docker bake subcommand as alias for docker buildx bake. docker/cli#5947
docker image inspect now supports a --platform flag to inspect a specific platform of a multi-platform image. docker/cli#5934

Bug fixes and enhancements

Fix docker images --tree not including non-container images content size in the total image content size. docker/cli#6000
Fix docker load not preserving replaced images. moby/moby#49650
Fix docker stats not working properly on machines with high CPU core count. moby/moby#49734
Fix a regression causing docker pull/push to fail when interacting with a private repository. docker/cli#5964
Fix an issue preventing rootless docker setup on a host with no ip_tables kernel module. moby/moby#49727
Fix an issue that could lead to unwanted iptables rules being restored and never deleted following a firewalld reload. moby/moby#49728
Improve CLI completion of docker service scale. docker/cli#5968
docker images --tree: hide both untagged and dangling images by default. docker/cli#5924
docker system info will provide an exit code if a connection cannot be established to the docker daemon. docker/cli#5918
containerd image store: Fix image tag event not being emitted when building with BuildKit. moby/moby#49678
containerd image store: Improve docker push/pull handling of the remote registry errors. moby/moby#49770
containerd image store: Show pull progress for non-layer image blobs. moby/moby#49746

Packaging updates

Add Debian "Trixie". docker/docker-ce-packaging#1181
Add Fedora 42 packages. docker/containerd-packaging#418, docker/docker-ce-packaging#1169
Add Ubuntu "Plucky Puffin" packages. docker/containerd-packaging#419, docker/docker-ce-packaging#1177
Update Compose to v2.35.0. docker/docker-ce-packaging#1183
Update Go runtime to 1.23.8. docker/cli#5986, docker/docker-ce-packaging#1180, moby/moby#49737

Networking

Fix a bug causing host port-mappings on Swarm containers to be duplicated on docker ps and docker inspect. moby/moby#49724
Fix an issue that caused container network attachment to fail with error "Bridge port not forwarding". moby/moby#49705
Fix an issue with removal of a --link from a container in the default bridge network. moby/moby#49778
Improve how network-endpoint relationships are tracked to reduce the chance of the "has active endpoints" error to be wrongfully returned. moby/moby#49736
Improve the "has active endpoints" error message by including the name of endpoints still connected to the network being deleted. moby/moby#49773

API

Update API version to v1.49. moby/moby#49718
GET /image/{name}/json now supports platform parameter allowing to specify which platform variant of a multi-platform image to inspect. moby/moby#49586
GET /info now returns a FirewallBackend containing information about the daemon's firewalling configuration. moby/moby#49761

Go SDK

cli/command/context: remove temporary ContextType field from JSON output. docker/cli#5981
client: Keep image references in canonical format where possible. moby/moby#49609

Deprecations

API: Deprecated AllowNondistributableArtifactsCIDRs and AllowNondistributableArtifactsHostnames fields in the RegistryConfig struct in the GET /info response are omitted in API v1.49. moby/moby#49749
API: Deprecated: The ContainerdCommit.Expected, RuncCommit.Expected, and InitCommit.Expected fields in the GET /info endpoint were deprecated in API v1.48, and are now omitted in API v1.49. moby/moby#48556
Go-SDK: cli/command/image: Deprecate RunPull: this function was only used internally and will be removed in the next release. docker/cli#5975
Go-SDK: cli/config/configfile: deprecate ConfigFile.Experimental field. Experimental CLI features are always enabled since version v20.10 and this field is no longer used. Use ConfigFile.Features instead for optional features. This field will be removed in a future release. docker/cli#5977
Go-SDK: deprecate pkg/atomicwriter, which was migrated to github.com/moby/sys/atomicwriter. moby/moby#49748
Go-SDK: opts: remove deprecated PortOpt, ConfigOpt, SecretOpt aliases. docker/cli#5953
Go-SDK: registry: deprecate APIEndpoint.Official field. moby/moby#49706

28.0.4

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

Fix a regression causing docker pull/push to fail when interacting with a private repository. docker/cli#5964

28.0.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

Fix docker run truncating the STDOUT/STDERR prematurely when the container exits before the data is consumed. docker/cli#5957

Packaging updates

Update BuildKit to v0.20.2. moby/moby#49698
Update runc to v1.2.6 (static packages only). moby/ 10000 moby#49682
Update containerd to v1.7.26. docker/containerd-packaging#409

28.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Bug fixes and enhancements

Fix CLI-specific attributes (docker.cli.*) being unintentionally passed to downstream OTel services. docker/cli#5842
Fix an issue where user-specified OTEL_RESOURCE_ATTRIBUTES were being overridden by CLI's internal telemetry attributes. The CLI now properly merges user-specified attributes with internal ones, allowing both to coexist. docker/cli#5842
Fix daemon failing to start on Windows when a container created before v28.0.0 was present. moby/moby#49626
Fix possible error on docker buildx prune with the --min-free-space. moby/moby#49623
Fix spurious io: read/write on closed pipe error in the daemon log when closing container. moby/moby#49590
Fix the Docker daemon failing too early if the containerd socket isn't immediately available. moby/moby#49603
Mask Linux thermal interrupt info in a container's /proc and /sys by default. moby/moby#49560
Update contrib/check-config.sh to check for more kernel modules related to iptables. moby/moby#49622
containerd image store: Fix integer overflow in User ID handling passed via --user. moby/moby#49652
containerd image store: Fix spurious reference for unknown type: application/vnd.in-toto+json warning being logged to the daemon's log. moby/moby#49652
containerd image store: Improve performance of docker ps when running large number of containers. moby/moby#49365

Packaging updates

Update BuildKit to v0.20.1. moby/moby#49587
Update Buildx to v0.22.0. docker/docker-ce-packaging#1175
Update Compose to v2.34.0. docker/docker-ce-packaging#1172
Update Go runtime to 1.23.7. docker/cli#5890, docker/docker-ce-packaging#1171, moby/moby#49580
Update RootlessKit to v2.3.4. moby/moby#49614
Update containerd (static binaries only) to v1.7.27. moby/moby#49656

Networking

Add environment variable DOCKER_INSECURE_NO_IPTABLES_RAW=1 to allow Docker to run on systems where the Linux kernel can't provide CONFIG_IP_NF_RAW support. When enabled, Docker will not create rules in the iptables raw table. Warning: This is not recommended for production environments as it reduces security by allowing other hosts on the local network to route to ports published to host addresses, even when they are published to 127.0.0.1. This option bypasses some of the security hardening introduced in Docker Engine 28.0.0. moby/moby#49621
Allow container startup when an endpoint is attached to a macvlan network where the parent interface is down. moby/moby#49630
Do not skip DNAT for packets originating in a gateway_mode=routed network. moby/moby#49577
Fix a bug causing docker ps to inconsistently report dual-stack port mappings. moby/moby#49657
Fix a bug that could cause docker-proxy to stop forwarding UDP datagrams to containers. moby/moby#49649
Fix a bug that was causing docker-proxy to close UDP connections to containers eagerly and resulting in the source address to change needlessly. moby/moby#49649

Go SDK

Move various types and consts from cli-plugins/manager to a separate package. docker/cli#5902
Update minimum required Go version to go1.23. moby/moby#49541
cli/command: Move PrettyPrint utility to cli/command/formatter. docker/cli#5916
runconfig/errors: split ErrConflictHostNetwork into ErrConflictConnectToHostNetwork and ErrConflictDisconnectFromHostNetwork. moby/moby#49605

Deprecations

Go-SDK: Deprecate cli-plugins/manager.ResourceAttributesEnvvar constant. It was used internally, but holds the OTEL_RESOURCE_ATTRIBUTES name, which is part of the OpenTelemetry specification. Users of this constant should define their own. It will be removed in the next release. docker/cli#5881
Go-SDK: Deprecate opts.PortOpt, opts.ConfigOpt and opts.SecretOpt. These types were moved to the opts/swarmopts package. docker/cli#5907
Go-SDK: Remove service/logs package. docker/cli#5910
Go-SDK: cli/command/image: Deprecate PushTrustedReference and move to cli/trust. docker/cli#5894
Go-SDK: cli/command/image: Deprecate and internalize TrustedPush. docker/cli#5894
Go-SDK: cli/command: deprecate Cli.NotaryClient: use trust.GetNotaryRepository instead. This method is no longer used and will be removed in the next release. docker/cli#5885
Go-SDK: cli/command: deprecate Cli.RegistryClient. This method was only used internally and will be removed in the next release. Use client.NewRegistryClient instead. docker/cli#5889, docker/cli#5889
Go-SDK: registry: Deprecate RepositoryInfo.Official field. moby/moby#49567
Go-SDK: registry: deprecate HostCertsDir: this function was only used internally and will be removed in the next release. moby/moby#49612
Go-SDK: registry: deprecate SetCertsDir: the cert-directory is now automatically selected when running with RootlessKit, and should no longer be set manually. moby/moby#49612

28.0.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

Networking

Remove dependency on kernel modules ip_set, ip_set_hash_net and netfilter_xt_set.
- The dependency was introduced in release 28.0.0 but proved too disruptive. The iptables rules using these modules have been replaced. moby/moby#49530
Allow daemon startup on a host with IPv6 disabled without requiring --ip6tables=false. moby/moby#49525
Fix a bug that was causing containers with --restart=always and a published port already in use to restart in a tight loop. moby/moby#49507
Fix an issue with Swarm ingress, caused by incorrect ordering of iptables rules. moby/moby#49538
Fix creation of a swarm-scoped network from a --config-only network. moby/moby#49521
Fix docker network inspect reporting an IPv6 gateway with CIDR suffix for a newly created network with no specific IPAM config, until a daemon restart. moby/moby#49520
Improve the error reported when kernel modules ip_set, ip_set_hash_net and netilter_xt_set are not available. moby/moby#49524
Move most of Docker's iptables rules out of the filter-FORWARD chain, so that other applications are free to append rules that must follow Docker's rules. moby/moby#49518
Update --help output and man page lo state which options only apply to the default bridge network. moby/moby#49522

Bug fixes and enhancements

Fix docker context create always returning an error when using the "skip-tls-verify" option. docker/cli#5850
Fix shell completion suggesting IDs instead of names for services and nodes. docker/cli#5848
Fix unintentionally printing exit status to standard error output when docker exec/run returns a non-zero status. docker/cli#5854
Fix regression protocol "tcp" is not supported by the RootlessKit port driver "slirp4netns". moby/moby#49514
containerd image store: Fix docker inspect not being able to show multi-platform images with missing layers for all platforms. moby/moby#49533
containerd image store: Fix docker images --tree reporting wrong content size. moby/moby#49535
Fix compilation on i386 moby/moby#49526

Packaging updates

Update github.com/go-jose/go-jose/v4 to v4.0.5 to address. GHSA-c6gw-w398-hv78 / CVE-2025-27144 docker/cli#5867
Update Buildx to v0.21.1. docker/docker-ce-packaging#1167
Update Compose to v2.33.1. docker/docker-ce-packaging#1168

API

containerd image store: Fix GET /images/json?manifests=1 not filling Manifests for index-only images. moby/moby#49533
containerd image store: Fix GET /images/json and /images/<name>/json Size.Content field including the size of content that's not available locally. moby/moby#49535

28.0.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 28.0.0 milestone
moby/moby, 28.0.0 milestone
Deprecated and removed features, see Deprecated Features.
Changes to the Engine API, see API version history.

New

Add ability to mount an image inside a container via --mount type=image. moby/moby#48798
- You can also specify --mount type=image,image-subpath=[subpath],... option to mount a specific path from the image. docker/cli#5755
docker images --tree now shows metadata badges. docker/cli#5744
docker load, docker save, and docker history now support a --platform flag allowing you to choose a specific platform for single-platform operations on multi-platform images. docker/cli#5331
Add OOMScoreAdj to docker service create and docker stack. docker/cli#5145
docker buildx prune now supports reserved-space, max-used-space, min-free-space and keep-bytes filters. moby/moby#48720
Windows: Add support for running containerd as a child process of the daemon, instead of using a system-installed containerd. moby/moby#47955

Networking

The docker-proxy binary has been updated, older versions will not work with the updated dockerd. moby/moby#48132
- Close a window in which the userland proxy (docker-proxy) could accept TCP connections, that would then fail after iptables NAT rules were set up.
- The executable rootlesskit-docker-proxy is no longer used, it has been removed from the build and distribution.
DNS nameservers read from the host's /etc/resolv.conf are now always accessed from the host's network namespace. moby/moby#48290
- When the host's /etc/resolv.conf contains no nameservers and there are no --dns overrides, Google's DNS servers are no longer used, apart from by the default bridge network and in build containers.
Container interfaces in bridge and macvlan networks now use randomly generated MAC addresses. moby/moby#48808
- Gratuitous ARP / Neighbour Advertisement messages will be sent when the interfaces are started so that, when IP addresses are reused, they're associated with the newly generated MAC address.
- IPv6 addresses in the default bridge network are now IPAM-assigned, rather than being derived from the MAC address.
The deprecated OCI prestart hook is now only used by build containers. For other containers, network interfaces are added to the network namespace after task creation is complete, before the container task is started. moby/moby#47406
Add a new gw-priority option to docker run, docker container create, and docker network connect. This option will be used by the Engine to determine which network provides the default gateway for a container. On docker run, this option is only available through the extended --network syntax. docker/cli#5664
Add a new netlabel com.docker.network.endpoint.ifname to customize the interface name used when connecting a container to a network. It's supported by all built-in network drivers on Linux. moby/moby#49155
- When a container is created with multiple networks specified, there's no guarantee on the order networks will be connected to the container. So, if a custom interface name uses the same prefix as the auto-generated names, for example eth, the container might fail to start.
- The recommended practice is to use a different prefix, for example en0, or a numerical suffix high enough to never collide, for example eth100.
- This label can be specified on docker network connect via the --driver-opt flag, for example docker network connect --driver-opt=com.docker.network.endpoint.ifname=foobar ….
- Or via the long-form --network flag on docker run, for example docker run --network=name=bridge,driver-opt=com.docker.network.endpoint.ifname=foobar …
If a custom network driver reports capability GwAllocChecker then, before a network is created, it will get a GwAllocCheckerRequest with the network's options. The custom driver may then reply that no gateway IP address should be allocated. moby/moby#49372

Port publishing in bridge networks

dockerd now requires ipset support in the Linux kernel. moby/moby#48596
- The iptables and ip6tables rules used to implement port publishing and network isolation have been extensively modified. This enables some of the following functional changes, and is a first step in refactoring to enable native nftables support in a future release. moby/moby#48815
- If it becomes necessary to downgrade to an earlier version of the daemon, some manual cleanup of the new rules will be necessary. The simplest and surest approach is to reboot the host, or use iptables -F and ip6tables -F to flush all existing iptables rules from the filter table before starting the older version of the daemon. When that is not possible, run the following commands as root:
  - iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
  - iptables -D FORWARD -m set --match-set docker-ext-bridges-v4 dst -j DOCKER; ip6tables -D FORWARD -m set --match-set docker-ext-bridges-v6 dst -j DOCKER
  - If you were previously running with the iptables filter-FORWARD policy set to ACCEPT and need to restore access to unpublished ports, also delete per-bridge-network rules from the DOCKER chains. For example, iptables -D DOCKER ! -i docker0 -o docker0 -j DROP.
Fix a security issue that was allowing remote hosts to connect directly to a container on its published ports. moby/moby#49325
Fix a security issue that was allowing neighbor hosts to connect to ports mapped on a loopback address. moby/moby#49325
Fix an issue that prevented port publishing to link-local addresses. moby/moby#48570
UDP ports published by a container are now reliably accessible by containers on other networks, via the host's public IP address. moby/moby#48571
Docker will now only set the ip6tables policy for the FORWARD chain in the filter table to DROP if it enables IP forwarding on the host itself (sysctls net.ipv6.conf.all.forwarding and net.ipv6.conf.default.forwarding). This is now aligned with existing IPv4 behaviour. moby/moby#48594
- If IPv6 forwarding is enabled on your host, but you were depending on Docker to set the ip6tables filter-FORWARD policy to DROP, you may need to update your host's configuration to make sure it is secure.
Direct routed access to container ports that are not exposed using p/-publish is now blocked in the DOCKER iptables chain. moby/moby#48724
- If the default iptables filter-FORWARD policy was previously left at ACCEPT on your host, and direct routed access to a container's unpublished ports from a remote host is still required, options are:
  - Publish the ports you need.
  - Use the new gateway_mode_ipv[46]=nat-unprotected, described below.
- Container ports published to host addresses will continue to be accessible via those host addresses, using NAT or the userland proxy.
- Unpublished container ports continue to be directly accessible from the Docker host via the container's IP address.
Networks created with gateway_mode_ipv[46]=routed are now accessible from other bridge networks running on the same Docker host, as well as from outside the host. moby/moby#48596
Bridge driver options com.docker.network.bridge.gateway_mode_ipv4 and com.docker.network.bridge.gateway_mode_ipv6 now accept mode nat-unprotected. moby/moby#48597
- nat-unprotected is similar to the default nat mode, but no per port/protocol rules are set up. This means any port on a container can be accessed by direct-routing from a remote host.
Bridge driver options com.docker.network.bridge.gateway_mode_ipv4 and com.docker.network.bridge.gateway_mode_ipv6 now accept mode isolated, when the network is also internal. moby/moby#49262
- An address is normally assigned to the bridge device in an internal network. So, processes on the Docker host can access the network, and containers in the network can access host services listening on that bridge address (including services listening on "any" host address, 0.0.0.0 or ::).
- An internal bridge network created with gateway mode isolated does not have an address on the Docker host.
When a port mapping includes ...

@thaJeztah

28.0.0-rc.3

This is a pre-release of the upcoming 28.0.0 release.

Pre-releases are intended for testing new releases: only install in a test environment!

curl -fsSL https://get.docker.com -o get-docker.sh
sudo CHANNEL=test sh get-docker.sh

Bugs and regressions can be reported in these issue trackers:

Related to the CLI: https://github.com/docker/cli/issues
Related to the Docker Engine https://github.com/moby/moby/issues

When reporting issues, include [28.0.0-rc] in the issue title

What's Changed

Dockerfile: update golangci-lint to v1.64.5 by @thaJeztah in #49481
api/swagger: inline Exec example values by @thaJeztah in #49479
golangci-lint: ignore "nested context" (fatcontext) in tests by @thaJeztah in #49484
api/swagger: remove custom example from /containers/{id}/json endpoint by @thaJeztah in #49478
api/swagger: remove custom example from /containers/json endpoint by @thaJeztah in #49477
c8d/list: Fix panic when listing images by @vvoland in #49485
docs/api: add documentation for API v1.48 by @thaJeztah in #49480
Dockerfile: fix linting warnings by @thaJeztah in #49490
vendor: github.com/moby/buildkit v0.20.0-rc3 by @vvoland in #49491

Full Changelog: v28.0.0-rc.2...v28.0.0-rc.3

Releases: moby/moby

v28.1.1

28.1.1

Bug fixes and enhancements

Packaging updates

Networking

v28.1.0

28.1.0

New

Bug fixes and enhancements

Packaging updates

Networking

API

Go SDK

Deprecations

v28.1.0-rc.2

28.1.0-rc.2

New

Packaging updates

Networking

v28.1.0-rc.1

28.1.0-rc.1

New

Bug fixes and enhancements

Packaging updates

Networking

API

Go SDK

Deprecations

v28.0.4

28.0.4

Bug fixes and enhancements

v28.0.3

28.0.3

Bug fixes and enhancements

Packaging updates

v28.0.2

28.0.2

Bug fixes and enhancements

Packaging updates

Networking

Go SDK

Deprecations

v28.0.1

28.0.1

Networking

Bug fixes and enhancements

Packaging updates

API

v28.0.0

28.0.0

New

Networking

Port publishing in bridge networks

v28.0.0-rc.3

28.0.0-rc.3

What's Changed

Contributors