Aleksa Sarai
Aleksa Sarai
Let me know if you'd prefer to have the `libpathrs` and `filepath-securejoin` requests be done separately.
Ah, I wasn't following the progress closely -- glad it was accepted! 😸
I don't know if there is a procedure to escalate this, but this is now blocking security updates for some CNCF projects, in particular the response to [CVE-2025-52881](https://github.com/opencontainers/runc/security/advisories/GHSA-cgrx-mc8f-2prm). For background,...
@AkihiroSuda [There was an update two weeks ago in the CNCF Slack](https://cloud-native.slack.com/archives/C014YQ8CDCG/p1762367783793809?thread_ts=1762350416.110889&cid=C014YQ8CDCG) -- this was fast-tracked through the Legal Committee (thanks to @joannalee333) and has been sent to the GB...
Are you replacing `BUSYBOX_IMAGE` with some other rootfs? Our scripts (`tests/integration/get-images.sh`) download the archives from the internet but I suspect that isn't allowed in openQA scripts. We do expect an...
If you can grab the coredump and provide it to me (either here or slack), that could be useful. Though I suspect that our busybox images don't have any debug...
Seems like a bug for busybox to be using `vfork` for this...
Note that my understanding is that the only things you are really allowed to do in a `vfork()` child are: * Call `_exit(2)` immediately (not `exit(3)`!). * Call `execve(2)` immediately....
I think they're asking why we have a linear stack of layers, rather than letting you define subtrees. @XenoAmess The short version is that in general overlay filesystems work really...
[There already is a document about it](https://hackmd.io/@cyphar/ociv2-brainstorm), we wrote it back in 2019. https://github.com/project-machine/puzzlefs is one project trying to solve this problem.