Skip to content

chore(deps): bump github.com/containerd/containerd/v2 from 2.2.4 to 2.2.5#3071

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/containerd/containerd/v2-2.2.5
Open

chore(deps): bump github.com/containerd/containerd/v2 from 2.2.4 to 2.2.5#3071
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/containerd/containerd/v2-2.2.5

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/containerd/containerd/v2 from 2.2.4 to 2.2.5.

Release notes

Sourced from github.com/containerd/containerd/v2's releases.

containerd 2.2.5

Welcome to the v2.2.5 release of containerd!

The fifth patch release for containerd 2.2 contains various fixes and updates including security patches.

Security Updates

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

  • Samuel Karp
  • Chris Henzie
  • Akihiro Suda
  • Derek McGowan
  • Maksym Pavlenko
  • Akhil Mohan
  • Ben Cressey
  • Brian Goff
  • Davanum Srinivas
  • Sebastiaan van Stijn

Changes

  • Prepare release notes for v2.2.5 (#13628)
    • 269031099 Prepare release notes for v2.2.5
    • ad59aa564 Merge commit from fork
    • 0b4d23690 Merge commit from fork
    • be8460656 cri: filter CDI annotations on checkpoint restore
    • 347240f72 Merge commit from fork
    • cff578841 cri: do not re-tag restored checkpoints
    • 668cf2c2f Merge commit from fork
    • 357652293 cri: make checkpoint restore robust to unexpected archive content
    • d43da05af Merge commit from fork
    • 30708e8d1 Bound user-database file reads in openUserFile
    • 028647ea2 Merge commit from fork
    • b6072a49f Do not propagate reserved labels from image configs
  • vendor: golang.org/x/crypto v0.53.0 (#13607)
    • cfea2c141 [release/2.2] vendor: golang.org/x/crypto v0.53.0

... (truncated)

Changelog

Sourced from github.com/containerd/containerd/v2's changelog.

Versioning and Release

This document details the versioning and release plan for containerd. Stability is a top goal for this project, and we hope that this document and the processes it entails will help to achieve that. It covers the release process, versioning numbering, backporting, API stability and support horizons.

If you rely on containerd, it would be good to spend time understanding the areas of the API that are and are not supported and how they impact your project in the future.

This document will be considered a living document. Supported timelines, backport targets and API stability guarantees will be updated here as they change.

If there is something that you require or this document leaves out, please reach out by filing an issue.

Releases

Releases of containerd will be versioned using dotted triples, similar to Semantic Version. For the purposes of this document, we will refer to the respective components of this triple as <major>.<minor>.<patch>. The version number may have additional information, such as alpha, beta and release candidate qualifications. Such releases will be considered "pre-releases".

Major and Minor Releases

Major and minor releases of containerd will be made from main. Releases of containerd will be marked with GPG signed tags and announced at https://github.com/containerd/containerd/releases. The tag will be of the format v<major>.<minor>.<patch> and should be made with the command git tag -s v<major>.<minor>.<patch>.

After a minor release, a branch will be created, with the format release/<major>.<minor> from the minor tag. All further patch releases will be done from that branch. For example, once we release v1.0.0, a branch release/1.0 will be created from that tag. All future patch releases will be done against that branch.

Release Cadence

Since containerd v2.3 in April 2026, minor releases are provided on a time basis with a cadence of 4 months. New minor releases are scheduled for April, August, and December of each year. This cadence is synchronized with the Kubernetes release schedule to ensure that new features in containerd can be smoothly adopted by new Kubernetes releases.

The maintainers will maintain a roadmap and milestones for each release, however,

... (truncated)

Commits
  • e53c7c1 Merge pull request #13628 from samuelkarp/prepare-2.2.5
  • 2690310 Prepare release notes for v2.2.5
  • ad59aa5 Merge commit from fork
  • 8bea48a Merge pull request #13607 from thaJeztah/2.2_bump_crypto
  • 699c4fb Merge pull request #13606 from AkihiroSuda/runc-1.3.6-containerd-2.2
  • cfea2c1 [release/2.2] vendor: golang.org/x/crypto v0.53.0
  • fc96ea6 update runc binary to v1.3.6
  • 0b4d236 Merge commit from fork
  • 347240f Merge commit from fork
  • 668cf2c Merge commit from fork
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Jun 22, 2026
@dependabot
dependabot Bot requested a review from a team as a code owner June 22, 2026 15:35
@anish-sahoo

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot
dependabot Bot force-pushed the dependabot/go_modules/github.com/containerd/containerd/v2-2.2.5 branch 2 times, most recently from f976661 to 9d9d293 Compare June 25, 2026 17:56
Bumps [github.com/containerd/containerd/v2](https://github.com/containerd/containerd) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/containerd/containerd/releases)
- [Changelog](https://github.com/containerd/containerd/blob/main/RELEASES.md)
- [Commits](containerd/containerd@v2.2.4...v2.2.5)

---
updated-dependencies:
- dependency-name: github.com/containerd/containerd/v2
  dependency-version: 2.2.5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/go_modules/github.com/containerd/containerd/v2-2.2.5 branch from 9d9d293 to fad6158 Compare July 16, 2026 16:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant