This week, read about:
- HackersUsing Fake CircleCI Notification to Hack GitHub Accounts.
- Sens. Peters, Portman Introduce Securing Open Source Software Act.
- 15-Year-Old Python Vulnerability Still Affects Over 350,000 Open Source Projects.
Key Security, Maintenance, and Features Releases
Non-security Based Updates
Docker Compose 2.11.1
Keep depends_on condition when service has volumes_from by @laurazard in #9849
keep the platform defined at service level during build if no build patforms provided by @glours in #9847
keep the platform defined via DOCKER_DEFAULT_PLATFORM during build if no build platforms provided by @glours in #9854
Reverted focus behavior for new windows back to the content area instead of the address bar (bug 1784692)
llow Label section in vsphere e2e cloudprovider configuration (#112478, @gnufied) [SIG Storage and Testing]
Correct the calculating error in podTopologySpread plugin to avoid unexpected scheduling results. (#112531, @kerthcet) [SIG Scheduling]
Kube-apiserver: gzip compression switched from level 4 to level 1 to improve large list call latencies in exchange for higher network bandwidth usage (10-50% higher). This increases the headroom before very large unpaged list calls exceed request timeout limits. (#112398, @shyamjvs) [SIG API Machinery]
Kube-apiserver: resolved a regression that treated 304 Not Modified responses from aggregated API servers as internal errors (#112527, @liggitt) [SIG API Machinery]