From 8af70eb82faedcd9d251f9e5bd547c7ce42b644f Mon Sep 17 00:00:00 2001 From: Arthur Date: Thu, 24 Jul 2025 10:04:20 +0200 Subject: [PATCH 1/4] exclude release notes --- .vale.ini | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/.vale.ini b/.vale.ini index 64ccef9714ef..55aa8f26f79a 100644 --- a/.vale.ini +++ b/.vale.ini @@ -1,6 +1,6 @@ StylesPath = _vale MinAlertLevel = suggestion -IgnoredScopes = text.frontmatter, code, tt, b, strong, i +IgnoredScopes = text.frontmatter, code, tt, b, strong, i, a Vocab = Docker # Disable rules for genered content @@ -20,6 +20,12 @@ Vale.Terms = NO Docker.Capitalization = NO Docker.Exclamation = NO +[content/manuals/desktop/previous-versions/*.md] +Vale.Spelling = NO +Vale.Terms = NO +Docker.Capitalization = NO +Docker.Exclamation = NO + [*.md] BasedOnStyles = Vale, Docker # Exclude `{{< ... >}}`, `{{% ... %}}`, [Who]({{< ... >}}) From 9e30f3887cac3e3f06d2f216e65b78f660e24c44 Mon Sep 17 00:00:00 2001 From: Arthur Date: Thu, 24 Jul 2025 10:04:38 +0200 Subject: [PATCH 2/4] add terms --- _vale/config/vocabularies/Docker/accept.txt | 18 +++++++++++++++++- 1 file changed, 17 insertions(+), 1 deletion(-) diff --git a/_vale/config/vocabularies/Docker/accept.txt b/_vale/config/vocabularies/Docker/accept.txt index 0e6aed655d5e..21977d67cf20 100644 --- a/_vale/config/vocabularies/Docker/accept.txt +++ b/_vale/config/vocabularies/Docker/accept.txt @@ -6,6 +6,8 @@ Amazon Anchore Apple Artifactory +auditable +autolock Azure bootup Btrfs @@ -60,6 +62,7 @@ Entra EPERM ESXi Ethernet +exploitability Fargate Fedora firewalld @@ -75,16 +78,19 @@ Google Grafana Gravatar gRPC +Grype HyperKit inferencing inotify Intel Intune +IPsec iptables IPv[46] IPvlan isort Jamf +JavaScript JetBrains JFrog JUnit @@ -115,7 +121,7 @@ monorepos? musl MySQL nameserver -namespace +namespaced? namespacing netfilter netlabel @@ -140,6 +146,8 @@ Postgres PowerShell Python Qualcomm +Quickview +rebalance reimplement rollback rootful @@ -158,6 +166,7 @@ SQLite stdin stdout subfolder +subvolume Syft syntaxes Sysbox @@ -167,23 +176,30 @@ systemd Testcontainers tmpfs Traefik +Trivy Trixie Ubuntu ufw +ui uid umask +undeterminable Unix unmanaged VMware vpnkit VSCode vSphere +Vue Wasm +Wasmtime Windows windowsfilter WireMock +workdir Xdebug youki +Yubikey Zscaler Zsh [Aa]nonymized? From e978b5e6f3556d4c5939deacf65abacbca27b96d Mon Sep 17 00:00:00 2001 From: Arthur Date: Thu, 24 Jul 2025 10:05:53 +0200 Subject: [PATCH 3/4] reduce errors --- .../docker/cli/docs/extend/legacy_plugins.md | 2 +- content/guides/admin-user-management/setup.md | 2 +- .../manuals/compose/releases/release-notes.md | 4 ++- .../previous-versions/edge-releases-mac.md | 32 ++++++++--------- .../edge-releases-windows.md | 34 +++++++++---------- content/manuals/desktop/release-notes.md | 8 +++-- .../troubleshoot-and-support/feedback.md | 2 +- .../security/provisioning/group-mapping.md | 6 ++-- content/manuals/offload/feedback.md | 2 +- .../security/security-announcements.md | 22 ++++++------ content/reference/api/registry/auth.md | 4 +-- content/reference/compose-file/secrets.md | 8 ++--- 12 files changed, 65 insertions(+), 61 deletions(-) diff --git a/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md b/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md index 2c6ba4bc1a2e..34925ff87ea7 100644 --- a/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md +++ b/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md @@ -83,7 +83,7 @@ The sections below provide an overview of available third-party plugins. ## Troubleshooting a plugin If you are having problems with Docker after loading a plugin, ask the authors -of the plugin for help. The Docker team may not be able to assist you. +of the plugin for help. The Docker Team may not be able to assist you. ## Writing a plugin diff --git a/content/guides/admin-user-management/setup.md b/content/guides/admin-user-management/setup.md index 885ddd9720dd..94eabba382a5 100644 --- a/content/guides/admin-user-management/setup.md +++ b/content/guides/admin-user-management/setup.md @@ -1,7 +1,7 @@ --- title: Setting up roles and permissions in Docker description: A guide to securely managing access and collaboration in Docker through roles and teams. -keywords: Docker roles, permissions management, access control, IT administration, team collaboration, least privilege, security, Docker teams, role-based access +keywords: Docker roles, permissions management, access control, IT administration, team collaboration, least privilege, security, Docker Teams, role-based access weight: 10 --- diff --git a/content/manuals/compose/releases/release-notes.md b/content/manuals/compose/releases/release-notes.md index 1e683a1dc083..048fe0569b45 100644 --- a/content/manuals/compose/releases/release-notes.md +++ b/content/manuals/compose/releases/release-notes.md @@ -11,6 +11,8 @@ aliases: - /compose/release-notes/ --- + + For more detailed information, see the [release notes in the Compose repo](https://github.com/docker/compose/releases/). ## 2.38.2 @@ -52,7 +54,7 @@ For more detailed information, see the [release notes in the Compose repo](https - Added `volumes` command - Removed `publish` limitation on bind mounts - Fixed an issue mounting the docker socket to container which doesn't need it -- Fixed an issue with bake hanging on output +- Fixed an issue with bake hanging on output ### Update diff --git a/content/manuals/desktop/previous-versions/edge-releases-mac.md b/content/manuals/desktop/previous-versions/edge-releases-mac.md index 60a9bccf7f5a..a5ee343fa87a 100644 --- a/content/manuals/desktop/previous-versions/edge-releases-mac.md +++ b/content/manuals/desktop/previous-versions/edge-releases-mac.md @@ -9,7 +9,7 @@ aliases: sitemap: false --- -This page contains information about Docker Desktop Edge releases. Edge releases give you early access to our newest features. Note that some of the features may be experimental, and some of them may not ever reach the Stable release. +This page contains information about Docker Desktop Edge releases. Edge releases give you early access to our newest features. Note that some of the features may be experimental, and some of them may not ever reach the Stable release. For Docker Desktop system requirements, see [What to know before you install](/manuals/desktop/setup/install/mac-install.md#system-requirements). @@ -146,7 +146,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus ### Known issues - The `clock_gettime64` system call returns `EPERM` rather than `ENOSYS` -in i386 images. To work around this issue, disable `seccomp` by using +in i386 images. To work around this issue, disable `seccomp` by using the `--privileged` flag. See [docker/for-win#8326](https://github.com/docker/for-win/issues/8326). ## Docker Desktop Community 2.3.6.1 @@ -391,7 +391,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus 2019-12-11 -> [!NOTE] +> [!NOTE] > > Docker Desktop Edge 2.1.7.0 is the release candidate for the upcoming major Stable release. Please help us test this version before the wider release and report any issues in the [docker/for-mac](https://github.com/docker/for-mac/issues) GitHub repository. @@ -519,7 +519,7 @@ Fixed an issue that caused VMs running on older hardware with macOS Catalina to - Fixed an issue where running some Docker commands can fail if you are not using Credential Helpers. [docker/for-mac#3785](https://github.com/docker/for-mac/issues/3785) - Fixed a bug that did not allow users to copy and paste text in the **Preferences** > **Daemon** window. [docker/for-mac#3798](https://github.com/docker/for-mac/issues/3798) -## Docker Desktop Community 2.1.0.0 +## Docker Desktop Community 2.1.0.0 2019-07-26 @@ -537,7 +537,7 @@ This release contains Kubernetes security improvements. Note that your local Kub - Introduced a new user interface for the Docker Desktop **Preferences** menu. - The **Restart**, **Reset**, and **Uninstall** options are now available on the **Troubleshoot** menu. - + #### Bug fixes and minor changes - Changed the host's Kubernetes context to ensure `docker run -v .kube:kube ... kubectl` works. @@ -591,16 +591,16 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus * New - App: Docker CLI plugin to configure, share, and install applications - + - Extend Compose files with metadata and parameters - Reuse the same application across multiple environments (Development/QA/Staging/Production) - Multi-orchestrator installation (Swarm or Kubernetes) - Push/Pull/Promotion/Signing supported for application, with the same workflow as images - Fully CNAB compliant - Full support for Docker Contexts - + - Buildx (Tech Preview): Docker CLI plugin for extended build capabilities with BuildKit - + - Familiar UI from docker build - Full BuildKit capabilities with container driver - Multiple builder instance support @@ -637,7 +637,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus * New - Rebranded UI - + * Bug fixes and minor changes - Kubernetes: use default maximum number of pods for kubelet. [docker/for-mac#3453](https://github.com/docker/for-mac/issues/3453) - Fix DockerHelper crash. [docker/for-mac#3470](https://github.com/docker/for-mac/issues/3470) @@ -651,7 +651,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Kubernetes 1.13.0](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1130) - [Kitematic 0.17.6](https://github.com/docker/kitematic/releases/tag/v0.17.6) - Golang 1.10.6, fixes CVEs: [CVE-2018-16875](https://www.cvedetails.com/cve/CVE-2018-16875), [CVE-2018-16873](https://www.cvedetails.com/cve/CVE-2018-16873) and [CVE-2018-16874](https://www.cvedetails.com/cve/CVE-2018-16874) - + WARNING: If you have an existing Kubernetes cluster created with Docker Desktop, this upgrade will reset the cluster. If you need to back up your Kubernetes cluster or persistent volumes you can use [Ark](https://github.com/heptio/ark). * Bug fixes and minor changes @@ -752,9 +752,9 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - Fix VPNKit memory leak. Fixes [moby/vpnkit#371](https://github.com/moby/vpnkit/issues/371) - Fix com.docker.supervisor using 100% CPU. Fixes [docker/for-mac#2967](https://github.com/docker/for-mac/issues/2967), [docker/for-mac#2923](https://github.com/docker/for-mac/issues/2923) - Do not override existing kubectl binary in /usr/local/bin (installed with brew or otherwise). Fixes [docker/for-mac#2368](https://github.com/docker/for-mac/issues/2368), [docker/for-mac#2890](https://github.com/docker/for-mac/issues/2890) - - Detect Vmnetd install error. Fixes [docker/for-mac#2934](https://github.com/docker/for-mac/issues/2934), [docker/for-mac#2687](https://github.com/docker/for-mac/issues/2687) + - Detect Vmnetd install error. Fixes [docker/for-mac#2934](https://github.com/docker/for-mac/issues/2934), [docker/for-mac#2687](https://github.com/docker/for-mac/issues/2687) - Virtual machine default disk path is stored relative to $HOME. Fixes [docker/for-mac#2928](https://github.com/docker/for-mac/issues/2928), [docker/for-mac#1209](https://github.com/docker/for-mac/issues/1209) - + ### Docker Community Edition 18.05.0-ce-mac66 2018-05-17 @@ -763,9 +763,9 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Docker 18.05.0-ce](https://github.com/docker/docker-ce/releases/tag/v18.05.0-ce) - [Docker compose 1.21.2](https://github.com/docker/compose/releases/tag/1.21.2) -* New +* New - Allow orchestrator selection from the UI in the "Kubernetes" pane, to allow "docker stack" commands to deploy to Swarm clusters, even if Kubernetes is enabled in Docker for Mac. - + * Bug fixes and minor changes - Use Simple NTP to minimize clock drift between the virtual machine and the host. Fixes [docker/for-mac#2076](https://github.com/docker/for-mac/issues/2076) - Fix filesystem event notifications for Swarm services and those using the new-style --mount option. Fixes [docker/for-mac#2216](https://github.com/docker/for-mac/issues/2216), [docker/for-mac#2375](https://github.com/docker/for-mac/issues/2375) @@ -782,7 +782,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Docker 18.05.0-ce-rc1](https://github.com/docker/docker-ce/releases/tag/v18.05.0-ce-rc1) - [Notary 0.6.1](https://github.com/docker/notary/releases/tag/v0.6.1) -* New +* New - Re-enable raw as the default disk format for users running macOS 10.13.4 and higher. Note this change only takes effect after a "reset to factory defaults" or "remove all data" (from the Whale menu > Preferences > Reset). Related to [docker/for-mac#2625](https://github.com/docker/for-mac/issues/2625) * Bug fixes and minor changes @@ -802,7 +802,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Docker 18.04.0-ce-rc2](https://github.com/docker/docker-ce/releases/tag/v18.04.0-ce-rc2) - [Kubernetes 1.9.6](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v196). If Kubernetes is enabled, the upgrade will be performed automatically when starting Docker for Mac. -* New +* New - Enable ceph & rbd modules in LinuxKit virtual machine. * Bug fixes and minor changes diff --git a/content/manuals/desktop/previous-versions/edge-releases-windows.md b/content/manuals/desktop/previous-versions/edge-releases-windows.md index ab7f67c78248..c3edd29dc41a 100644 --- a/content/manuals/desktop/previous-versions/edge-releases-windows.md +++ b/content/manuals/desktop/previous-versions/edge-releases-windows.md @@ -144,8 +144,8 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus ### Known issues -- The `clock_gettime64` system call returns `EPERM` rather than `ENOSYS` -in i386 images. To work around this issue, disable `seccomp` by using +- The `clock_gettime64` system call returns `EPERM` rather than `ENOSYS` +in i386 images. To work around this issue, disable `seccomp` by using the `--privileged` flag. See [docker/for-win#8326](https://github.com/docker/for-win/issues/8326). ## Docker Desktop Community 2.3.6.2 @@ -710,7 +710,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - Docker Desktop now supports a configurable user timeout for VMs on slower machines. [docker/for-win#4393](https://github.com/docker/for-win/issues/4393) - Enabled Windows features such as Hyper-V and Containers during installation, thereby reducing the need for another restart after installation. -## Docker Desktop Community 2.1.0.0 +## Docker Desktop Community 2.1.0.0 2019-07-30 @@ -728,14 +728,14 @@ This release contains Kubernetes security improvements. Note that your local Kub #### New - Introduced a new user interface for the Docker Desktop **Settings** menu. - - The **Restart** and **Reset** options are now available on the **Troubleshoot** menu. + - The **Restart** and **Reset** options are now available on the **Troubleshoot** menu. #### Bug fixes and minor changes - Changed the host's kubernetes context to ensure `docker run -v .kube:kube ... kubectl` works. - Restricted the `cluster-admin` role on local Kubernetes cluster to `kube-system` namespace. - Fixed Kubernetes installation with VPNkit subnet. - - Fixed an issue where Docker Desktop restarts when a user logs out of Windows and logs back in, which results in retaining the + - Fixed an issue where Docker Desktop restarts when a user logs out of Windows and logs back in, which results in retaining the exported ports on containers. - Reduced the VM startup time. `swap` is not created every time a virtual machine boots. - Fixed a bug which caused Docker Desktop to crash when a user cancels switching the version using Windows User Account Control (UAC) settings. @@ -795,16 +795,16 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus * New - App: Docker CLI plugin to configure, share, and install applications - + - Extend Compose files with metadata and parameters - Reuse the same application across multiple environments (Development/QA/Staging/Production) - Multi-orchestrator installation (Swarm or Kubernetes) - Push/Pull/Promotion/Signing supported for application, with the same workflow as images - Fully CNAB compliant - Full support for Docker Contexts - + - Buildx (Tech Preview): Docker CLI plugin for extended build capabilities with BuildKit - + - Familiar UI from docker build - Full BuildKit capabilities with container driver - Multiple builder instance support @@ -847,7 +847,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus * New - Rebranded UI - + * Bug fixes and minor changes - Kubernetes: use default maximum number of pods for kubelet. [docker/for-mac#3453](https://github.com/docker/for-mac/issues/3453) @@ -860,7 +860,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Kubernetes 1.13.0](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.13.md#v1130) - [Kitematic 0.17.6](https://github.com/docker/kitematic/releases/tag/v0.17.6) - Golang 1.10.6, fixes CVEs: [CVE-2018-16875](https://www.cvedetails.com/cve/CVE-2018-16875), [CVE-2018-16873](https://www.cvedetails.com/cve/CVE-2018-16873) and [CVE-2018-16874](https://www.cvedetails.com/cve/CVE-2018-16874) - + WARNING: If you have an existing Kubernetes cluster created with Docker Desktop, this upgrade will reset the cluster. If you need to back up your Kubernetes cluster or persistent volumes you can use [Ark](https://github.com/heptio/ark). * Bug fixes and minor changes @@ -880,7 +880,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Docker compose 1.23.2](https://github.com/docker/compose/releases/tag/1.23.2) * Bug fixes and minor changes - - Compose: Fixed a bug where build context URLs would fail to build on Windows. Fixes [docker/for-win#2918](https://github.com/docker/for-win/issues/2918) + - Compose: Fixed a bug where build context URLs would fail to build on Windows. Fixes [docker/for-win#2918](https://github.com/docker/for-win/issues/2918) ### Docker Community Edition 2.0.0.0-win77 2018-11-14 @@ -891,7 +891,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Kitematic 0.17.5](https://github.com/docker/kitematic/releases/tag/v0.17.5) * Bug fixes and minor changes - - Windows Containers: Fix group daemon option settings. Fixes [docker/for-win#2647](https://github.com/docker/for-win/issues/2647) + - Windows Containers: Fix group daemon option settings. Fixes [docker/for-win#2647](https://github.com/docker/for-win/issues/2647) - Windows Containers: Improve host.docker.internal ip resolution - Do not try to update samba share mounts when using Windows containers - Improved dns update too verbose in logs @@ -909,7 +909,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus * Deprecation - Removed support of AUFS - + * Bug fixes and minor changes - LCOW does not anymore need --platform flag on multi-arch images - Better WCOW host.docker.internal resolution on host, don't rewrite it if not modified. From [docker/for-win#1976](https://github.com/docker/for-win/issues/1976) @@ -977,13 +977,13 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Docker 18.05.0-ce](https://github.com/docker/docker-ce/releases/tag/v18.05.0-ce) - [Docker compose 1.21.2](https://github.com/docker/compose/releases/tag/1.21.2) -* New +* New - Allow orchestrator selection from the UI in the "Kubernetes" pane, to allow "docker stack" commands to deploy to swarm clusters, even if Kubernetes is enabled in Docker for Windows. * Bug fixes and minor changes - Fix restart issue when using Windows fast startup on latest 1709 Windows updates. Fixes [docker/for-win#1741](https://github.com/docker/for-win/issues/1741), [docker/for-win#1741](https://github.com/docker/for-win/issues/1741) - DNS name `host.docker.internal` can be used for host resolution from Windows containers. Fixes [docker/for-win#1976](https://github.com/docker/for-win/issues/1976) - - Fix broken link in diagnostics window. + - Fix broken link in diagnostics window. ### Docker Community Edition 18.05.0-ce-rc1-win63 2018-04-26 @@ -995,7 +995,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - Fix startup issue due to incompatibility with other programs (like Razer Synapse 3). Fixes [docker/for-win#1723](https://github.com/docker/for-win/issues/1723) - Fix Kubernetes hostPath translation for PersistentVolumeClaim (PVC). Previously failing PVCs must be deleted and recreated. Fixes [docker/for-win#1758](https://github.com/docker/for-win/issues/1758) - Fix Kubernetes status when resetting to factory defaults. - + ### Docker Community Edition 18.04.0-ce-win62 2018-04-12 @@ -1009,7 +1009,7 @@ This release contains a Kubernetes upgrade. Note that your local Kubernetes clus - [Docker 18.04.0-ce-rc2](https://github.com/docker/docker-ce/releases/tag/v18.04.0-ce-rc2) - [Kubernetes 1.9.6](https://github.com/kubernetes/kubernetes/blob/master/CHANGELOG-1.9.md#v196). If Kubernetes is enabled, the upgrade will be performed automatically when starting Docker for Windows. -* New +* New - Enable ceph & rbd modules in LinuxKit VM. * Bug fixes and minor changes diff --git a/content/manuals/desktop/release-notes.md b/content/manuals/desktop/release-notes.md index 2320408ad876..25bdc6ec2af8 100644 --- a/content/manuals/desktop/release-notes.md +++ b/content/manuals/desktop/release-notes.md @@ -17,7 +17,9 @@ aliases: weight: 220 --- -This page contains information about the new features, improvements, known issues, and bug fixes in Docker Desktop releases. + + +This page contains information about the new features, improvements, known issues, and bug fixes in Docker Desktop releases. Releases are gradually rolled out to ensure quality control. If the latest version is not yet available to you, allow some time — updates typically become available within a week of the release date. @@ -71,7 +73,7 @@ For more frequently asked questions, see the [FAQs](/manuals/desktop/troubleshoo - [Docker Engine v28.3.0](https://docs.docker.com/engine/release-notes/28/#2830) - [NVIDIA Container Toolkit v1.17.8](https://github.com/NVIDIA/nvidia-container-toolkit/releases/tag/v1.17.8) -### Security +### Security - Fixed [CVE-2025-6587](https://www.cve.org/CVERecord?id=CVE-2025-6587) where sensitive system environment variables were included in Docker Desktop diagnostic logs, allowing for potential secret exposure. @@ -82,7 +84,7 @@ For more frequently asked questions, see the [FAQs](/manuals/desktop/troubleshoo - Fixed a bug causing `docker start` to drop the container's port mappings for a container already running. - Fixed a bug that prevented container ports to be displayed on the GUI when a container was re-started. - Fixed a bug that caused Docker API `500 Internal Server Error for API route and version` error application start. -- The settings **Apply & restart** button is now labeled **Apply**. The VM is no longer restarted when applying changed settings. +- The settings **Apply & restart** button is now labeled **Apply**. The VM is no longer restarted when applying changed settings. - Fixed a bug where the disk would be corrupted if Docker is shutdown during a `fsck`. - Fixed a bug causing an incorrect `~/.kube/config` in WSL2 when using a `kind` Kubernetes cluster. - Return an explicit error to a Docker API / `docker` CLI command if Docker Desktop has been manually paused. diff --git a/content/manuals/desktop/troubleshoot-and-support/feedback.md b/content/manuals/desktop/troubleshoot-and-support/feedback.md index ba7759f24a96..37f1b3d93522 100644 --- a/content/manuals/desktop/troubleshoot-and-support/feedback.md +++ b/content/manuals/desktop/troubleshoot-and-support/feedback.md @@ -12,7 +12,7 @@ There are many ways you can provide feedback on Docker Desktop or Docker Desktop ### In-product feedback -On each Docker Desktop Dashboard view, there is a **Give feedback** link. This opens a feedback form where you can share ideas directly with the Docker team. +On each Docker Desktop Dashboard view, there is a **Give feedback** link. This opens a feedback form where you can share ideas directly with the Docker Team. ### Feedback via Docker Community forums diff --git a/content/manuals/enterprise/security/provisioning/group-mapping.md b/content/manuals/enterprise/security/provisioning/group-mapping.md index 07aedb379e2b..78f4f9eb2260 100644 --- a/content/manuals/enterprise/security/provisioning/group-mapping.md +++ b/content/manuals/enterprise/security/provisioning/group-mapping.md @@ -13,7 +13,7 @@ weight: 40 {{< summary-bar feature_name="SSO" >}} -Group mapping lets you sync user groups from your identity provider (IdP) with teams in your Docker organization. This automates team membership management, keeping your Docker teams up to date based on changes in your IdP. You can use group mapping once you have configured [single sign-on (SSO)](../single-sign-on/_index.md). +Group mapping lets you sync user groups from your identity provider (IdP) with teams in your Docker organization. This automates team membership management, keeping your Docker Teams up to date based on changes in your IdP. You can use group mapping once you have configured [single sign-on (SSO)](../single-sign-on/_index.md). > [!TIP] > @@ -27,13 +27,13 @@ It's important to note that Docker uses the user's email address as a unique ide ## Use group mapping -To assign users to Docker teams through your IdP, you must create groups in your IdP following the naming pattern: `organization:team`. For example, if your organization is called "moby" and you want to manage the "developers" team, the group name in your IdP should be `moby:developers`. In this example, any user added to this group in your IdP is automatically assigned to the "developers" team in Docker. +To assign users to Docker Teams through your IdP, you must create groups in your IdP following the naming pattern: `organization:team`. For example, if your organization is called "moby" and you want to manage the "developers" team, the group name in your IdP should be `moby:developers`. In this example, any user added to this group in your IdP is automatically assigned to the "developers" team in Docker. You can also use this format to assign users to multiple organizations. For example, to add a user to the "backend" team in the "moby" organization and the "desktop" team in the "whale" organization, the group names would be `moby:backend` and `whale:desktop`. > [!TIP] > -> Match the group names in your IdP with your Docker teams. When groups are synced, Docker creates a team if it doesn’t already exist. +> Match the group names in your IdP with your Docker Teams. When groups are synced, Docker creates a team if it doesn’t already exist. The following lists the supported group mapping attributes: diff --git a/content/manuals/offload/feedback.md b/content/manuals/offload/feedback.md index ed73320fd4bc..6835d18ca81b 100644 --- a/content/manuals/offload/feedback.md +++ b/content/manuals/offload/feedback.md @@ -10,7 +10,7 @@ There are several ways you can provide feedback on Docker Offload. ### In-product feedback On each Docker Desktop Dashboard view, there is a **Give feedback** link. This -opens a feedback form where you can share ideas directly with the Docker team. +opens a feedback form where you can share ideas directly with the Docker Team. You can use the form for any type of feedback, including: diff --git a/content/manuals/security/security-announcements.md b/content/manuals/security/security-announcements.md index 1f97a033ff2c..1a64df4ecbb9 100644 --- a/content/manuals/security/security-announcements.md +++ b/content/manuals/security/security-announcements.md @@ -11,7 +11,7 @@ toc_max: 2 _Last updated July 03, 2025_ -A vulnerability in Docker Desktop was fixed on July 03 in the [4.43.0](/manuals/desktop/release-notes.md#4430) release: +A vulnerability in Docker Desktop was fixed on July 03 in the [4.43.0](/manuals/desktop/release-notes.md#4430) release: - Fixed [CVE-2025-6587](https://www.cve.org/CVERecord?id=CVE-2025-6587) where sensitive system environment variables were included in Docker Desktop diagnostic logs, allowing for potential secret exposure. @@ -36,7 +36,7 @@ Two remote code execution (RCE) vulnerabilities in Docker Desktop related to Doc - [CVE-2024-8695](https://www.cve.org/cverecord?id=CVE-2024-8695): A remote code execution (RCE) vulnerability via crafted extension description/changelog could be abused by a malicious extension in Docker Desktop before 4.34.2. [Critical] - [CVE-2024-8696](https://www.cve.org/cverecord?id=CVE-2024-8696): A remote code execution (RCE) vulnerability via crafted extension publisher-url/additional-urls could be abused by a malicious extension in Docker Desktop before 4.34.2. [High] -No existing extensions exploiting the vulnerabilities were found in the Extensions Marketplace. The Docker team will be closely monitoring and diligently reviewing any requests for publishing new extensions. +No existing extensions exploiting the vulnerabilities were found in the Extensions Marketplace. The Docker Team will be closely monitoring and diligently reviewing any requests for publishing new extensions. We strongly encourage you to update to Docker Desktop [4.34.2](/manuals/desktop/release-notes.md#4342). If you are unable to update promptly, you can [disable Docker Extensions](/manuals/extensions/settings-feedback.md#turn-on-or-turn-off-extensions) as a workaround. @@ -54,7 +54,7 @@ At Docker, we want the experience to be the most secure for our developers and o _Last updated June, 2024_ -Docker is pleased to announce that we have received our SOC 2 Type 2 attestation and ISO 27001 certification with no exceptions or major non-conformities. +Docker is pleased to announce that we have received our SOC 2 Type 2 attestation and ISO 27001 certification with no exceptions or major non-conformities. Security is a fundamental pillar to Docker’s operations, which is embedded into our overall mission and company strategy. Docker’s products are core to our user community and our SOC 2 Type 2 attestation and ISO 27001 certification demonstrate Docker’s ongoing commitment to security to our user base. @@ -66,7 +66,7 @@ _Last updated February 2, 2024_ We at Docker prioritize the security and integrity of our software and the trust of our users. Security researchers at Snyk Labs identified and reported four security vulnerabilities in the container ecosystem. One of the vulnerabilities, [CVE-2024-21626](https://scout.docker.com/v/CVE-2024-21626), concerns the runc container runtime, and the other three affect BuildKit ([CVE-2024-23651](https://scout.docker.com/v/CVE-2024-23651), [CVE-2024-23652](https://scout.docker.com/v/CVE-2024-23652), and [CVE-2024-23653](https://scout.docker.com/v/CVE-2024-23653)). We want to assure our community that our team, in collaboration with the reporters and open source maintainers, has been diligently working on coordinating and implementing necessary remediations. -We are committed to maintaining the highest security standards. We have published patched versions of runc, BuildKit, and Moby on January 31 and released an update for Docker Desktop on February 1 to address these vulnerabilities. Additionally, our latest BuildKit and Moby releases included fixes for [CVE-2024-23650](https://scout.docker.com/v/CVE-2024-23650) and [CVE-2024-24557](https://scout.docker.com/v/CVE-2024-24557), discovered respectively by an independent researcher and through Docker’s internal research initiatives. +We are committed to maintaining the highest security standards. We have published patched versions of runc, BuildKit, and Moby on January 31 and released an update for Docker Desktop on February 1 to address these vulnerabilities. Additionally, our latest BuildKit and Moby releases included fixes for [CVE-2024-23650](https://scout.docker.com/v/CVE-2024-23650) and [CVE-2024-24557](https://scout.docker.com/v/CVE-2024-24557), discovered respectively by an independent researcher and through Docker’s internal research initiatives. | | Versions Impacted | |:-----------------------|:--------------------------| @@ -87,7 +87,7 @@ If you are using affected versions of runc, BuildKit, Moby, or Docker Desktop, m | `Docker Desktop` | >= [4.27.1](/manuals/desktop/release-notes.md#4271) | -If you are unable to update to an unaffected version promptly, follow these best practices to mitigate risk: +If you are unable to update to an unaffected version promptly, follow these best practices to mitigate risk: * Only use trusted Docker images (such as [Docker Official Images](../docker-hub/image-library/trusted-content.md#docker-official-images)). * Don’t build Docker images from untrusted sources or untrusted Dockerfiles. @@ -135,7 +135,7 @@ In Moby <= v25.0.1 and <= v24.0.8, the classic builder cache system is prone to _The issue has been fixed in Moby >= v25.0.2 and >= v24.0.9._ -### How are Docker products affected? +### How are Docker products affected? #### Docker Desktop @@ -167,7 +167,7 @@ _Last updated October 2022_ [CVE-2022-42889](https://nvd.nist.gov/vuln/detail/CVE-2022-42889) has been discovered in the popular Apache Commons Text library. Versions of this library up to but not including 1.10.0 are affected by this vulnerability. -We strongly encourage you to update to the latest version of [Apache Commons Text](https://commons.apache.org/proper/commons-text/download_text.cgi). +We strongly encourage you to update to the latest version of [Apache Commons Text](https://commons.apache.org/proper/commons-text/download_text.cgi). ### Scan images on Docker Hub @@ -183,13 +183,13 @@ A number of [Docker Official Images](../docker-hub/image-library/trusted-content Apache Commons Text. The following lists Docker Official Images that may contain the vulnerable versions of Apache Commons Text: -- [bonita](https://hub.docker.com/_/bonita) +- [bonita](https://hub.docker.com/_/bonita) - [Couchbase](https://hub.docker.com/_/couchbase) -- [Geonetwork](https://hub.docker.com/_/geonetwork) +- [Geonetwork](https://hub.docker.com/_/geonetwork) - [neo4j](https://hub.docker.com/_/neo4j) - [sliverpeas](https://hub.docker.com/_/sliverpeas) -- [solr](https://hub.docker.com/_/solr) -- [xwiki](https://hub.docker.com/_/xwiki) +- [solr](https://hub.docker.com/_/solr) +- [xwiki](https://hub.docker.com/_/xwiki) We have updated Apache Commons Text in these images to the latest version. Some of these images may not be diff --git a/content/reference/api/registry/auth.md b/content/reference/api/registry/auth.md index d395066014af..601d50e4a6bc 100644 --- a/content/reference/api/registry/auth.md +++ b/content/reference/api/registry/auth.md @@ -128,8 +128,8 @@ requests in the `Authorization` header. #### `access_token` For compatibility with OAuth 2.0, the `token` under the name `access_token` is -also accepted. At least one of these fields must be specified, but both may -also appear (for compatibility with older clients). When both are specified, +also accepted. At least one of these fields must be specified, but both may +also appear (for compatibility with older clients). When both are specified, they should be equivalent; if they differ the client's choice is undefined. #### `expires_in` diff --git a/content/reference/compose-file/secrets.md b/content/reference/compose-file/secrets.md index f198623a31eb..136ccab20dd6 100644 --- a/content/reference/compose-file/secrets.md +++ b/content/reference/compose-file/secrets.md @@ -2,12 +2,12 @@ title: Secrets description: Explore all the attributes the secrets top-level element can have. keywords: compose, compose specification, secrets, compose file reference -aliases: +aliases: - /compose/compose-file/09-secrets/ weight: 60 --- -Secrets are a flavor of [Configs](configs.md) focusing on sensitive data, with specific constraint for this usage. +Secrets are a flavor of [Configs](configs.md) focusing on sensitive data, with specific constraint for this usage. Services can only access secrets when explicitly granted by a [`secrets` attribute](services.md#secrets) within the `services` top-level element. @@ -28,9 +28,9 @@ secrets: file: ./server.cert ``` -## Example 2 +## Example 2 -`token` secret is created as `_token` when the application is deployed, +`token` secret is created as `_token` when the application is deployed, by registering the content of the `OAUTH_TOKEN` environment variable as a platform secret. ```yml From 99f1c14a343449e62075cce98c2f7fd18e00332c Mon Sep 17 00:00:00 2001 From: Arthur Date: Thu, 24 Jul 2025 10:21:52 +0200 Subject: [PATCH 4/4] fix --- _vendor/github.com/docker/cli/docs/extend/legacy_plugins.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md b/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md index 34925ff87ea7..2c6ba4bc1a2e 100644 --- a/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md +++ b/_vendor/github.com/docker/cli/docs/extend/legacy_plugins.md @@ -83,7 +83,7 @@ The sections below provide an overview of available third-party plugins. ## Troubleshooting a plugin If you are having problems with Docker after loading a plugin, ask the authors -of the plugin for help. The Docker Team may not be able to assist you. +of the plugin for help. The Docker team may not be able to assist you. ## Writing a plugin