:warning: depends on https://github.com/dagger/dagger/pull/9395/.

These had some temp changes that can be cleaned up now that v0.16.1 is out. Meant to include this in https://github.com/dagger/dagger/pull/9681 but forgot to force push and it got merged 😄

Bumps the sdk-typescript group with 14 updates in the /sdk/typescript directory:

Bumps the engine group with 8 updates in the / directory:

Bumps the engine group with 10 updates in the / directory:

This commit aims to improve the structure of the install page, specifically the section on updating Dagger.

The previous fix in 867eed9 (#9697) to use the subdir in the call to bkcontenthash.Checksum was actually only a partial fix.

We need to include the subdir in the singleflight group, or we can end up colliding various operations incorrectly and getting the wrong result.

This was the probably cause of the flake in https://v3.dagger.cloud/dagger/traces/e9e01fff1fc51a3a32f60045c0e39d29?span=87...

Implement a globally accessible Dagger client.

So now, instead of passing the Client dag field from object to object, it's possible to access a single instance of the client using

io.dagger.client.Dagger.dag()

That makes it available from everywhere and simplifies the constructions of all objects.

Even better with the static import

import static io.dagger.client.Dagger.dag;

so that dag() is available. This makes the behavior of the Java SDK wa...

Currently for uploaded local dirs the UI shows the raw digest or a placeholder instead of the Host.directory call that created it.

This happens because the server's Host.directory actually returns a call with a custom content digest of the blob, rather than the call digest of the Host.directory call.

Now when querying the DB for a call we'll also look for spans that had the digest as an outp...

What is the issue?

Currently there is no example of attaching a docker daemon sidecar but it is a common pattern when running tests that require docker. There are also a couple of best practices when doing this that is worth documentting.

1. It's recommended to attach a cache volume at /var/lib/docker so that docker can use overlayfs when storing data. Example:

daemon := dag.Container().From("fcr.fmr.com/docker:24-dind").
	WithEnvVariable("TINI_SUBREAPER", "true").
	WithMounte...

TBD

Signed-off-by: Marcos Lilljedahl

What are you trying to do?

• Add :default option to type system
• During processing the defn macro, ensure that the default value matches with the type.

Why is this important to you?

No response

How are you currently working around this?

No response

Adds support for the bun.lock text format released in Bun 1.2.0 bun.sh/blog/bun-v1.2#introducing-bun-lock. This is Bun's new default.

I can't seem to get the test suite and SDK generation working, I've tried from the docs.

dagger call sdk typescript generate export --path=.

Running go test in src/core passes though.

Any advice on finishing up the PR would be appreciated, I'll look at the changie stuff and commit that shortly.

What is the issue?

Update:
https://docs.dagger.io/faq#what-is-the-dagger-platform - mention our expanded agents and CI use cases
https://docs.dagger.io/faq#dagger-sdks - mention all of the SDKs

Add:
in an entry similar to https://docs.dagger.io/faq#which-ci-providers-does-dagger-cloud-work-with, describe which LLMs and frameworks we work with. Short answer is that Dagger should work with any hosted or local LLM. With Dagger's multi-language support and ability to use any libraries or c...

What is the issue?

https://docs.dagger.io/ci/adopting#implementing

What is the issue?

https://docs.dagger.io/features/programmable-pipelines

• docs(sdk/java): arguments

• docs(sdk/java): custom functions

• docs(sdk/java): return values

• docs(sdk/java): services

• fix typos and add suggestions

Bumps the sdk-java group with 6 updates in the /sdk/java directory:

Bumps the engine group with 1 update in the / directory: github.com/dagger/testctx/oteltest.
Bumps the engine group with 1 update in the /sdk/go directory: github.com/vektah/gqlparser/v2.

Updates github.com/dagger/testctx/oteltest from 0.0.2 to 0.0.3

Commits

46f01fa update godoc, fix unit tests
1ad0d2e embed TB to ensure W is a TB
34b0863 bump testctx
See full diff in compare view

Updates `github.com/vektah/g...

Bumps the docs group in /docs with 3 updates: sass, typedoc and typescript.

Updates sass from 1.85.0 to 1.85.1

Release notes
Sourced from sass's releases.

Dart Sass 1.85.1
To install Sass 1.85.1, download one of the packages below and add it to your PATH, or see the Sass website for full installation instructions.
Changes

Fix a bug where global Sass functions whose na...

Bumps the sdk-python-docker group with 1 update in the /modules/ruff/build directory: astral-sh/ruff.
Bumps the sdk-python-docker group with 2 updates in the /sdk/python/runtime directory: python and astral-sh/uv.

Updates astral-sh/ruff from 0.9.5 to 0.9.9

Release notes
Sourced from astral-sh/ruff's releases.

0.9.9
Release Notes
Preview features

Fix caching of unsupported-syntax errors (#16425)

Bug fixes

Only show...

Bumps the sdk-typescript group with 15 updates in the /sdk/typescript directory:

Update generateClient to only set fields in the
configuration so now the generation
logic happens in generatedContextDirectory.
That way, it works with dagger develop.

Also add persistency in dagger.json for generated clients.

Correctly use contextDirectory in codegen instead
of only the source directory.

Signed-off-by: Tom Chauveau

I know me and @rajatjindal have started seeing this in v0.16.2, but @gmile in #8830 has also seen this.

Repeatedly running dagger function succeeds most of the times, but occasionally would fail with either of these two errors:

✘ load module 1.3s
! failed to get configured module: Post "http://dagger/query": unexpected EOF
│ ✘ finding module configuration 1.3s
│ ! Post "http://dagger/query": unexpect...

Bumps the engine group with 1 update in the /sdk/go directory: github.com/vektah/gqlparser/v2.

Updates github.com/vektah/gqlparser/v2 from 2.5.22 to 2.5.23

Release notes
Sourced from github.com/vektah/gqlparser/v2's releases.

v2.5.23
Full Changelog: https://github.com/vektah/gqlparser/compare/v2.5.23...v2.5.23

Commits

135eef6 Fix quote handling at end of block string descriptions (#355)
94fb1f6 Bump prettier in /validator/imported in the actions...

Usage: add dagger mcp as an MCP server.

Defaults to stdio. For SSE (handy for debugging), set PORT=1234 and configure http://localhost:1234/sse.

TODO:

• [ ] Should it be scoped per-chat somehow? Haven't found an easy way to do this with Claude Desktop. It literally runs a single MCP server for the entire time.
• [ ] Some more prompt engineering for shell
• [ ] Shell commands are currently trying to run e.g. wolfi instead of github.com/dagger/dagger/modules/wolfi.
  • A...

[!NOTE]
Only the last commit is relevant here, the others are part of #9738
This PR is intended to be merged after #9738

Fields can now be private (or any other visibility). No need to have them public anymore to be serialized.

All non transient/static fields will be serialized by default and registered as a field to the Dagger API.

If you want to have a field serialized but not exposed it to the API (so a user can't retrieve the value) then it needs to be annotated w...

What is the issue?

Seeing an exception printed out every time I run anything with dagger 0.16.2: RuntimeError: cannot schedule new futures after interpreter shutdown

Dagger version

dagger v0.16.2 (docker-image://registry.dagger.io/engine:v0.16.2) linux/amd64

Steps to reproduce

1. Write the following into foo.py

#!/usr/bin/env python3
import asyncio
import dagger
from dagger import dag

async def main():
    async with dagger.connection():
        pass

asyncio....

Should fix #9759 (temporarily, hopefully go 1.24.1 will have a fix for this).

Not a simple revert commit, since we've started using new features :(

:warning: requires https://github.com/vito/bubbline/pull/1.

Improve versioning to prepare the publication of the different components to maven central.
Related to #9194

The PR is composed of two main aspects (split in two commits, the last one is a small fix regarding the "internal" deps):

1. update the different pom.xml to set the version based on the Dagger engine version.

   That way when bump is called, all the components of the Java SDK will get the right version. This helps to work locally with the different libraries and avoid c...

• [x] Better detection for incomplete input
• [x] Print logs after printing child rows so it appears at the bottom of the screen
• [ ] Figure out how to deal with scrollback, current attempt leaves long output chopped off :(

Closes #9723

Users have been confused by https://docs.dagger.io/cookbook/#clone-a-remote-git-repository-into-a-container-by-branch-tag-or-commit. The source of the confusion seems to be deeper than just the reproduction of the cookbook.

Basically, we lack an understanding of the security-by-design model in our docs.

This PR updates the cookbook example to differentiate the HTTP(S) and SSH based refs and also introduces a security-model page. This page is currently not linked to...

We need to document how to use Dagger in a Java custom application on this page. @eunomie I know you are all setup, do you mind tackling this issue for the docs? 🙏

dagger run java ...

Related: https://github.com/dagger/dagger/pull/9709

this is a branch PR bc we don't get secrets for fork PRs

• like dagger shell, but accepts LLM prompts instead
• builds up a Llm.withPrompt chain
• use /with command to set the current Llm state + tools

Splitting out another seperable chunk from https://github.com/dagger/dagger/pull/9682

This updates dagql's cache to use the same "singleflight" implementation added for the local sync rework.

The idea of deduping equivalent calls is the same as the previous cachemap implementation, but with two important additional features:

• Context cancellation is handled better.
  • Previously when calls were deduped, the "first" context was always used, which meant that if it was canceled (i.e. f...

Hopefully fixes #9759.

These don't seem to be used, and also... conceptually, they shouldn't be. For the most part, these structs shouldn't be getting directly serialized, but the labels imply that they are.

We're really inconsistent with this anyways (as noted multiple times previously), so let's just remove them.

I don't really have context for why this was added (somewhere in https://github.com/dagger/dagger/pull/8805), but it's definitely not right, resulting in always setting a completely incorrect auth token.

See the following:

$ GIT_TERMINAL_PROMPT=0 SSH_ASKPASS=echo git credential fill <<EOF
protocol=https
host=github.com
EOF

protocol=https
host=github.com
username=Username for 'https://github.com':
password=Password for 'https://Username%20for%20...

Add introspectionJSONFile in ModuleSource so we can later remove the introspectionJSONFIle argument in the SDKs.

This changes happens because @shykes mention that it's possible to get the module TypeDef directly through the TypeDef API instead of using this introspectionJSON, so it's only an implementation details for our SDKs but not future standalone client generator.

Note: Since SDKs depends on releases dagger version, we will need to wait for a release in order to change...

What is the issue?

Update the cookbook to include PHP snippets for all recipes: https://docs.dagger.io/cookbook

What is the issue?

Add PHP code snippets to api/cache-volumes page: https://docs.dagger.io/api/cache-volumes

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/cache-volumes

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/filters

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/interfaces

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/packages

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/secrets

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/state

What is the issue?

Add PHP code snippets to https://docs.dagger.io/api/terminal

What is the issue?

Add PHP code snippets to https://docs.dagger.io/integrations/google-cloud-run

What is the issue?

If there are PHP-specific troubleshooting tips or errors to watch for, add them to https://docs.dagger.io/troubleshooting

What is the issue?

Add missing documentation for the PHP SDK. Individual page requirements are described in linked sub-issues.

What is the issue?

There is a language-native PHP example on https://docs.dagger.io/api/http#language-native-http-clients, which demonstrates how to interact with Dagger using a PHP HTTP client.

This example was created before the PHP SDK existed.

The question is whether to retain or remove it.

Argument for retain: it provides an example of communicating with Dagger using a raw GraphQL client. This could be useful for users who don't want to use the PHP SDK, who don't want to use mod...

What is the issue?

Add PHP-specific details to https://docs.dagger.io/api/daggerverse/

Currently, we're all using ./hack/dev + ./hack/with-dev go test to pull pprof dumps. It'd be better if we could orchestrate pulling dumps at the end of dagger call test specific invocations, or something UX-equivalent to "run these tests and give me a pprof dump"

cc @sipsma

What is the issue?

When running modules with dependencies in our CI pipeline, we receive excessive logging output from the printed Module.dependencies tree. This creates an issue since GitLab CI has a log output limit where content gets truncated (e.g. "Job's log exceeded limit of 4194304 bytes. Job execution will continue but no more output will be collected."). In most of our pipelines, these messages exceed this job log limit before the actual function logs even begin. This makes debu...

This PR enables setting additional environment variables for the engine container.

Add documentation on how to integrate the Dagger Java SDK with custom applications.

It covers three cases:

• Java / maven
• Java / gradle
• Kotlin / gradle

[!WIP]
Output is not currently added, it failed because libraries are not yet published. I might revisit the code but I wanted to have it as close as possible to the other languages

What are you trying to do?

Using the Directory built in object is a bit clumsy; I'd like to create a function which iterates through the files/directories in a provided Directory argument. While it is possible to do using the entries() function; this returns an array of strings which isn't easy to work with.

I propose adding a files() function and a directories() function which would return an array of File objects for each file in the dir, or an array of Directory objects for each dir...

Wolfi made a change that causes glibc triggers to require busybox triggers having already run:
https://github.com/wolfi-dev/os/commit/8229c0379cada98fb9504dd19a068dbbe2bd0d98

This isn't obviously wrong, but our current alpine module likely runs triggers in a slightly different order and we thus end up with a glibc trigger running, trying to execute /usr/bin/sh and then failing because the busybox symlink (created in its trigger) hasn't been installed yet.

The fix here is a quick hack t...

Overview

This issue tracks the work required to ship native LLM support in the Dagger Engine, as prototyped in #9628 .

Blockers

[ ] LLM access control. All modules have access to the host's LLM endpoints. This adds enormous convenience, but it is a hole in the sandbox. LLM tokens cost real money, so there must be a protection against a module draining them - intentionally or by accident.
[ ] Hacky .env support. The current implement of .env access is hacky: 1) only works for LLM ...

Did a bit more research and realized the hack to ensure busybox symlinks exist in time for glibc's trigger actually may be necessary to get compatibility w/ apko's behavior.

Basically, it turns out that apko

1. doesn't run scripts
2. [has it's own little hack to create busybox symlinks](https://github.com/chainguard-dev/apko/blob/3e63d01bb69480954b6040f5470197ae...

Embed remote dependencies serving in the Connect method.
This enables clients to not depends on local dagger.json to load these dependencies, it's only requires for local one.

List of changes

• Remote dependencies references are passed as argument to the codegen so they can be generated (we really need to split these 2 codegen commands..., will do when things around client gen are more stable)
• Update Serve in engine to not fail if a same dependency is served multiple time...

golang.org/x/exp/rand has been deprecated and scheduled to be deleted.

Reference: golang/exp@f9890c6
Reference: https://go.dev/doc/go1.22#math_rand_v2

Revising list of official Dagger features.

TODO: still need to test this. Don't merge yet.

fixes https://github.com/dagger/dagger/issues/9794

code complete, but currently broken because directory.WithNewFile() takes a string for content and I think passing these profiles through UTF-8 encoding breaks them. Gonna switch to pulling them with curl and passing actual files around.

I'm also getting 500s for cpu profiles rn, not sure why.

taking a default 30s cpu profile

dagger call test dump --run="TestCache/TestVolume" --pkg=./core/integration --route=pprof/profile --de...

Documents how to use Azure OpenAI Service with the experimental LLM feature

This is enabled here: https://github.com/dagger/dagger/pull/9808

Signed-off-by: Julián Cruciani

What are you trying to do?

It's common to protect Ollama endpoints with reverse proxies that enforce authentication via HTTP Basic auth.

Neither dagger nor the underlying openai-go client library or the go HTTP client library make provision for injection of auth credentials directly or via an additional header.

Why is this important to you?

Without explicit support, I don't see how protected Ollama instances can be used with Dagger.

How are you currently working around this?...

What happened? What did you expect to happen?

$ python3 npm_test.py 
Traceback (most recent call last):
  File "/home/kenorb/_temp/dagger/npm_test.py", line 3, in 
    import dagger
  File "/home/kenorb/.local/lib/python3.10/site-packages/dagger/__init__.py", line 1, in 
    from dagger import dagger, VERSION
  File "/home/kenorb/.local/lib/python3.10/site-packages/dagger/dagger.py", line 71
    if type(item) <> ldict_node:
                  ^^
SyntaxError: invalid syntax

$ pip3 fre...

Hello, I was trying to follow along the getting started but I'm having trouble with the very first command dagger init --sdk=python --source=./dagger.

That's is probably something in my machine state, but I'm a bit puzzled to what that could be, so I was hoping someone could shed some light.

Errors

> dagger init --sdk=python --source=./dagger
✘ connect 31.3s
! start engine: new client: interrupted
│ ✔ starting engine 0.0s
│ ✘ connecting to engine 31.3s
│ ! new client: ...

occured -> occurred

docs: Update to llm.7

Bumps the sdk-typescript group with 15 updates in the /sdk/typescript directory:

Bumps the engine group with 9 updates in the / directory:

Bumps the sdk-python-docker group with 1 update in the /modules/ruff/build directory: astral-sh/ruff.
Bumps the sdk-python-docker group with 1 update in the /sdk/python/runtime directory: astral-sh/uv.

Updates astral-sh/ruff from 0.9.9 to 0.9.10

Release notes
Sourced from astral-sh/ruff's releases.

0.9.10
Release Notes
Preview features

[ruff] Add new rule RUF059: Unused unpacked assignment (#16449)
[syntax-errors] D...

Bumps the sdk-java group in /sdk/java with 1 update: org.mockito:mockito-core.

Updates org.mockito:mockito-core from 5.15.2 to 5.16.0

Release notes
Sourced from org.mockito:mockito-core's releases.

v5.16.0
Changelog generated by Shipkit Changelog Gradle Plugin
5.16.0

2025-03-03 - 10 commit(s) by Brice Dutheil, Rafael Winterhalter, TDL, dependabot[bot]
Add support for including module-info in Mockito. (#3597)
Bump com.gradle.d...

Context

What is state? It’s essentially a struct that holds all the information needed for building an API query using the query builder. The current query builder doesn’t deserialize from a string so we pass around the raw data instead, and only build the query when we need to resolve it.

This fundamentally changes how state is passed around. When you use a pipe (|) between functions, each of them is executed in their own goroutine, connected via an os.Pipe. So one function’s s...

hey there! if you run docker ps -a you should see that the dagger engine container probably exited. Could you run docker logs $container_name on that container and share the log here?

Thanks!

All of the links from X look like the below image, this change uses the new dagger-factory.jpg icon for social sharing to make the links posted on X look more interesting. Hopefully this makes the link more interesting to capture the users attention.

We need to document using Bedrock for AI Agents

Contined working on #9816

@vikram-dagger for some reason I couldn't open a PR into your fork, so I opened it here.

Feel free to pull into into your branch.

When using the llm branch and entering the .help command. None of the constructor args or functions will show in the list.

Expected:

1. Enter a module directory
2. Type dagger shell
3. Enter .help
4. The available functions will show along with any constructor args

We spoke about this with Erik, Justin & Connor a few times in the last few weeks, and the consensus is that we want all Engine tests to run against dev Engines (the next version that ships), and there is marginal value in running them against an already released version.

The thinking goes that if all tests continue running the same (or better) in the next version of Dagger, then we are confident in the upcoming release.

While we might want to do the same for all other jobs in this w...

Follow up to #9825

This change adds usage information to flag parsing errors.

Before

After

Thanks for the prompt!
I found a post with exact same error in this issue and the proposed solution there [0] worked for me!

[0] Install a nat kernel module: sudo modprobe iptable_nat

What are you trying to do?

In Dagger Cloud, I would like the ability to make a single trace public - for example to share it on Discord. [Here is an example](#agents message).

Why is this important to you?

No response

How are you currently working around this?

No response

Inverting the svgs looks poor in dark mode and doesn't make it easy to use across docusaurus and GitHub README. This is simple solution.

Touching up some small paper cuts:

1. Adds meta tags to make LinkedIn shares more visually appealing (https://www.linkedin.com/post-inspector/inspect/https:%2F%2Fdocs.dagger.io%2F)
2. Adds descriptions to key pages for better SEO

Add community SDK maintainer requirements and add Java to list of SDKs.

https://linear.app/dagger/issue/ECO-526/list-of-requirements-for-community-sdks

Adds cloud-trace.gif to the README to provide a visual representation of Dagger Cloud tracing.

Adds cloud-trace.gif to the introduction to provide a visual representation of Dagger Cloud tracing.

Removed dependencies and stdlib. Moved builtins to the bottom.

Before

BUILTIN COMMANDS
  .core         Load any core Dagger type
  .deps         Dependencies from the module loaded in the current context
  .help         Show documentation for a command, a module, or a function
  .install      Install a dependency
  .login        Log in to Dagger Cloud
  .logout       Log out from Dagger Cloud
  .stdlib       Standard library functions
  .uninstall    Uninstall a dependen...

This was probably causing flakes, and had the potential to cause big issues. Should hopefully fix the issue noted in https://github.com/dagger/dagger/pull/9730#discussion_r1989264862.

Essentially, for remote operations we were caching twice:

• The DagOp for the Git.tree operation (with a cache key of the git ID)
• The underlying git operation (with a cache key of the git commit) This was very confusing to think about, and probably could have resulted in lots of weird cache issues.

...

This proposal aims to address LLM access control from https://github.com/dagger/dagger/issues/9801. However, I think it's worth considering future use cases as well - there's other cases (especially in an enterprise scenario!) where we'll want to control security per-modules:

• allowing access to InsecureRootCapabilities, and other similar settings
• we could even consider opening up dag.Host access safely for some some modules with this control? maybe?

With that in mind, in this i...

This allows taking remote git args, or local directories using Directory.asGit.

[!WARNING]

Needs tests!

very wip, trying to get the wiring working well enough to succeed like this:

dev && with-dev dagger shell --allow-llm=all -m https://github.com/shykes/toy-programmer -c "go-program \"greet me $(date)\""

but fail like this:

dev && with-dev dagger shell -m https://github.com/shykes/toy-programmer -c "go-program \"greet me $(date)\""

currently my hunch is I'm not getting my AllowLLM flag down to nested clients, but I could be entirely wrong about that.

there was...

Java SDK Cookbook

Fix when a function is returning void (so nothing):

• declare as a typedef of kind Void, optional
• do not get a value and return null

Add more docs regarding Java SDK

Need to test in GHA, will update w/ details once problem+fix confirmed

What are you trying to do?

Today if you want dagger aka dagger shell to ingore the possible module in the local dir, you need to add --no-mod, there should be a shorter option available.

I propose -M since today we have -E meaning --no-exit, -M would signify --no-mod(ule)

OPTIONS
  -c, --code string                  Command to be executed
  -d, --debug                        Show debug logs and full verbosity
  -i, --interactive                  Spawn a terminal on ...

#general message

confirmed this

Support Java enums! 🎉

Enums defined in the module must have the @Enum annotation. This allows the annotation processor to find them and register them and their possible values to the Dagger engine.

For instance:

@Enum
public enum Severity {
  LOW,
  MEDIUM,
  HIGH
}

Only a single enum can be defined with a specific name, whatever their fully qualified name. For instance it you have two enums io.dagger.module.mymodule.Severity and `io.dagger.module.foo.S...

This is a POC for fixing #5691

During buildDocker function, we check if a docker ignore file exists and use that to exclude those paths before building the container.

TODO's:

• [ ] Verify that the name of the file follow the same pattern as supported by Docker
• [ ] Ensure that we do not error out if dockerignore file does not exist
• [ ] Add test cases

Alternative considerations:

I read through on how buildkit do it. while it is possible to do the same in dagger [here](http...

What are you trying to do?

I want to use my host's configured Git credentials within containers in Dagger.

Why is this important to you?

I want to be able to git fetch additional branches to what is already checked out within a git context. This is important for tools like SonarQube where it requires the context of the reference branch to do the analysis. There may be other use cases which require a fetch/pull from remote when working with current git directories. This is easy t...

Adds a link to the technical-content-summarizer example agent.

it checks all the current supported variables are being parsed correctly as well as the fact that the file://.env is being parsed also

looks like with the streaming change the text content got dropped from being appended to the content string

Signed-off-by: Marcos Lilljedahl

For less confusion and more consistency in naming, this updates the engine listener to use unix:///run/dagger/engine.sock.

For now, I'm leaving around the old unix:///run/buildkit/buildkitd.sock too to avoid backwards incompatibility. The two socks are just different listeners for the same server so there's no harm in both existing for now.

This updates everywhere I could find buildkitd.sock across Helm charts, various docs on integrations, etc. So it's worth a double check those ...

Fixes https://github.com/dagger/dagger/issues/9572

This has been flaking on our CI an annoying amount, occasionally locally too.

It seems that the problem happens specifically with a secret command provider being executed in a nested dagger exec.

The problem is that we run our nested exec session attachable server in our custom init process, which creates a race condition between different goroutines trying to wait on child processes.

Our init process obviously has to handle SIGCH...

A recent change modified the path of the version.gen.go file the Go SDK uses to know which version of the CLI to autodownload. However, the path that our release CI uses was not changed, so we ended up in a situation where the new path wasn't changed (stayed on v0.16.2) but the old (unused) one was.

This manually corrects the version.gen.go file and updates CI with the correct path.

Adds a small FAQ to get us something we can iterate on and work towards a 'getting started' / tutorial

What is the issue?

Expected behavior and actual behavior:

When using Dagger to publish an image to a non-existent project in Registry (eg. Harbor), the error should indicate that the project is not found (e.g., "Project not found") instead of returning a 401 Unauthorized error.

This issue seems to be a misinterpretation in Dagger’s handling of the publish process. The failure should be clearly related to the non-existence of the project, not an authentication issue.

The error mess...

Bumps the sdk-java group in /sdk/java with 2 updates: org.junit:junit-bom and org.mockito:mockito-core.

Updates org.junit:junit-bom from 5.12.0 to 5.12.1

Release notes
Sourced from org.junit:junit-bom's releases.

JUnit 5.12.1 = Platform 1.12.1 + Jupiter 5.12.1 + Vintage 5.12.1
See Release Notes.
Full Changelog: https://github.com/junit-team/junit5/compare/r5.12.0...r5.12.1

Commits

ba9c9ae Release 5.12.1
e28...

Bumps the sdk-python-docker group with 1 update in the /modules/ruff/build directory: astral-sh/ruff.
Bumps the sdk-python-docker group with 1 update in the /sdk/python/runtime directory: astral-sh/uv.

Updates astral-sh/ruff from 0.9.10 to 0.11.0

Release notes
Sourced from astral-sh/ruff's releases.

0.11.0
Release Notes
This is a follow-up to release 0.10.0. The requires-python inference changes were unintentionally ...

Bumps the engine group with 4 updates in the / directory: github.com/99designs/gqlgen, github.com/charmbracelet/glamour, github.com/goproxy/goproxy and modernc.org/sqlite.
Bumps the engine group with 1 update in the /sdk/go directory: github.com/99designs/gqlgen.

Updates github.com/99designs/gqlgen...

Bumps the docs group in /docs with 3 updates: typedoc, typedoc-plugin-frontmatter and typedoc-plugin-markdown.

Updates typedoc from 0.27.9 to 0.28.0

Release notes
Sourced from typedoc's releases.

v0.28.0
Breaking Changes

TypeDoc now expects all in...

Update Typescript dev & node modules

• Correctly set useEntrypoint
• Update version
• Correctly export class

I tested it with https://docs.dagger.io/ci/quickstart/simplify using dagger call publish --source=https://github.com/dagger/hello-dagger and it works fine.

These provision tests are pretty disk hungry, since they all start their own docker daemons. So we should avoid spinning up them all in parallel, or we're gonna consume too much disk all at once.

This is an attempt to fix the constantly failing cgroupsv2 jobs on main!

Still not sure about the name - call-2025-03-10 is not great - but I am more interested to check if this fixes the issue.

After all Alternative CI jobs started failing since #9673, this introduces a separate call action which is only used by these alternative CI runners. We want something simpler that has a separate lifecyle from the main call action that we use in the primary CI runners.

The problem with the current call action logging config is that GitHub Actions UI breaks, a...

In the context of client generation and various discussion with @shykes and @helderco.
We conclude that the introspectionJSON arg in SDK module should not be required since they are other ways to get a module object definition (with the typedefAPI).

So I opened a PR (https://github.com/dagger/dagger/pull/9778) to expose the introspectionJSON file with an API call, so it’s up to the SDK maintainer to use it or not.
In #9778, the introspectionJSON API query is part of moduleSource but it...

Add info about Google Auth since we support it now.

What is the issue?

Right now if the engine is not ready by the time the CLI tries to connect it shows a scary looking error in dagger cloud.

connection error: desc = "error reading server preface: command [docker exec -i dagger-engine-v0.15.1 buildctl dial-stdio] has exited with exit status 1, make sure the URL is valid, and Docker 18.09 or later is installed on the remote host: stderr=Error: dial unix /run/buildkit/buildkitd.sock: connect: no such file or directory\nUsage:\n  dial...

Getting rid of dagger/agents links so we can archive that repo

Think I stumbled on a pretty neato pattern for module tests. Just run them with dagger run.

Might break if/when we add self-calls? Not sure. Either way, it "just worked" so rolling with it.

(Also I may be reaching by using the word "evals" here. Dunno.)

Updates the image shared via social links.

Removes the laravel-assistant link to avoid confusion until a complete example and video are available.

Update the llm version to 10, there are issues with llm sync in version 9.

We have plenty of data re performance characteristics and now want to cost-optimise and stay within a $100/month budget.

Let's see how well this works...

I have a container that is going to be running terraform in a monorepo where each project can use a different terraform version. I'd like to manage a cache directory to cache the terraform downloads and only run downloads again if they aren't already downloaded.

So, with my container I can do this (in python),

.with_mounted_cache("/root/.cache/terraform", dag.cache_volume("terraform"))

but how (using this same python) can I opt to do something like this?

if not clien...

What is the issue?

When loading a module that has been initialized without SDK, I get an error.

Dagger version

dagger v0.17.0-llm.10 (docker-image://registry.dagger.io/engine:v0.17.0-llm.10) darwin/arm64

Steps to reproduce

1. dagger init
2. dagger install github.com/shykes/hello
3. dagger

Log output

✔ connect 2.5s
✘ load module 0.1s
! failed to serve module: input: moduleSource.asModule module name and SDK must be set
│ ✔ finding module configuration 0.0s
│ ✘ ...

What is the issue?

When running dagger inside a git repository, which itself is inside a dagger module, I get an error at load: moduleSource source root path "FOO" escapes context "BAR"

Dagger version

dagger v0.17.0-llm.10 (docker-image://registry.dagger.io/engine:v0.17.0-llm.10) darwin/arm64

Steps to reproduce

set -e
dagger init ./tmp/foo
git init ./tmp/foo/bar
cd ./tmp/foo/bar
dagger

Log output

Error: find module ".": input: moduleSource source root pa...

What is the issue?

Running this:

curl -fsSL https://dl.dagger.io/dagger/install.sh | DAGGER_VERSION=0.17.0-llm.10 BIN_DIR=/usr/local/bin sh

Recommends:

ZSH:

    1. Generate a _dagger completion script and write it to a file within your $FPATH, e.g.:

      dagger completion zsh > /usr/local/share/zsh/site-functions/_dagger

    2. Ensure that the following is present in your ~/.zshrc:

      autoload -U compinit
      compinit -i

    zsh version 5.7 or later is recomme...

Supercedes https://github.com/dagger/dagger/pull/9839

More importantly it fixes an issue where shadowed functions were being shown.

Bikeshedding

This puts module functions, dependencies, and stdlib commands under the same category. May want to break stdlib commands under their own "Core Functions" category for example.

See https://github.com/dagger/dagger/pull/9839#issuecomment-2734013528 for more context

Bikeshedding

Hide dagger shell?

Removed the "Experimental" annotation in dagger shell (was shown in --help) but kept it hidden to avoid confusion over using dagger shell vs dagger. May want to expose it anyway.

Hide shell builtins?

Hid the following shell builtins:

• Filesystem navigation: .cd, .ls, .pwd
• Scoping: .stdlib, .deps, .core
• Cobra subprocesses: .install, .update, .upgrade, .login, .logout

REPL Experimental?

Remo...

What?

This is an experiment to see if including a module's top-level functions in .help makes sense.

Why?

Some people asked why .help didn’t show top level functions. Short answer is to keep it consistent with .help since a `` is basically the first function in a module, or its entrypoint (aka, constructor).

The list of a module’s functions comes from the object type that the entrypoint returns: the main object. This is like an object type returned by any other ...

putting this up as draft so maybe @jedevc can see something dumb i'm doing in here that's making this hang... i've tried invoking via shell and call plus various ways of passing the allowed module. still seems like regardless of what I do it hangs.

the daggerCliBase technique + daggerForwardSecrets thing works for the TestAPILimit test right above this one, so if it's something in the test code, it's a typo I can't see even though i'm looking right at it... one thing that's not in this dr...

⚠️ Still needs quickstart guides! This PR only has placeholders for them.

Summary of Changes

• Documentation Restructuring

  • Consolidated multiple CI quickstart pages into a single comprehensive guide
  • Removed redundant "Day 2" page
  • Reorganized sidebar for a more intuitive navigation experience

• New Content

  • Created Examples page with real-world AI agent implementations
  • Added dedicated LLM features page documenting Dagger's AI capabilities
  • Added...

• Shrink the monolith
• Move a shared dependency to sdk/php/dev. Bonus: remove duplicate code

Signed-off-by: Solomon Hykes

This should have been done with https://github.com/dagger/dagger/pull/8669, but looks like this change was missed.

Glancing through the cookbook, I can't see any other examples like this.

Thanks to @vikram-dagger for flagging :pray:

We were using /var/run/dagger/engine.sock in a couple of places (after https://github.com/dagger/dagger/pull/9866), so this patch removes those.

Some of them just need to be renamed, but others should be entirely removed - the --addr flag shouldn't ever need to manually append the socket, we should automatically always add it.

What is the issue?

For context I'm running a k3s cluster using this example/module.

Not sure if it's related, but I frequently get issues when existing the interactive terminal.

dagger ~/svc $ exit
exit 0
Caught panic:

runtime error: index out of range [202] with length 202

Restoring terminal...

goroutine 1 [running]:
runtime/debug.Stack()
        runtime/d...

Follow up from https://github.com/dagger/dagger/pull/9887#discussion_r2002117267.

also retire --focus (unused)

What is the issue?

You cannot have a function name in a module that is named Query

Dagger version

dagger v0.17.0-llm.11 (docker-image://registry.dagger.io/engine:v0.17.0-llm.11) darwin/arm64

Steps to reproduce

When defining a module with the function Query the dagger develop will complete fine, but running dagger functions you get the following error:

# dagger/database-agent/internal/dagger
internal/dagger/dagger.gen.go:7977:2: query redeclared
        internal/d...

Add a new top-level page in docs to list all our examples.

This creates the first agent quickstart where you can create your own toy-programmer

This avoids https://github.com/open-telemetry/opentelemetry-python/issues/4461 until https://github.com/open-telemetry/opentelemetry-python/pull/4462 is released.

At the moment it's possible to write Dagger modules that wrap cloud APIs, and there are benefits to that - but it's labor-intensive. The DX is cumbersome and there are gaps, for example Dagger/Graphql types don't map directly to JSON and OpenAPI (eg. no maps).

What if we added first class to external APIs somehow? Maybe as a special kind of dependency - imagine if your dagger.json could have remote APIs as a dependency, and the engine exposed that as a dagql module? The dependency source cou...

this PR adds tests for the --allow-llm flag and its associated policies.

in the process of writing these tests I found and fixed a bug in nested client allow-llm propagation that made ExperimentalPrivilegedNesting clients always try to prompt the user and did a little refactoring to make the code easier to navigate.

requires https://github.com/dagger/dagger-test-modules/pull/8 is merged and references fixed to point at dagger/dagger-test-modules instead of cwlbraa/dagger-test-module...

I faced this issue when running Podman Desktop on my mac.

Debugging the logs on the container led to an error updating the iptables and this was the fix.

The issue is already documented but it wasn;t obvious it effected me.

Close #9782.

For llama.cpp that doesn't support both at the same time

Uses the default install partial on the agents installation section.

We haven't actually changed any details of the API - and it's pretty easy to give this as a fallback so that we don't need to bump any engine versions anywhere.

Noted this failure in https://github.com/dagger/dagger.io/pull/4328, where we got the following error while crawling a private module:

get module signature: input: moduleSource.asModule failed to get module runtime: failed to query git config: Unimplemented: unknown service Git

What happened? What did you expect to happen?

My antivirus (Cortex XDR) is blocking dagger based on static analysis of the executable.

This is the finding by Palo Alto's Wildfire analysis:

Sample contains hard-coded username/password brute force table | High
Malicious ELF files will use a list of username and passwords to login using brute force.

Action: Sample contains hard-coded username/password brute force table
Details: hard_coded_passwords: 1234qwer,changeme,waldo

Ru...

The Engine API page should live under the Dagger API section, instead of its current location under the Custom Functions section.

Closes https://github.com/dagger/dagger/issues/9854

Setup to use deno with Dagger:

deno init
dagger init --name=test --sdk=typescript --source=.

Dagger will automatically update the deno.json to support the SDK library.

Integration tests are added.
We do not directly run the test on the library since it's not useful, deno already ensure compatibility with node.

While at it, replace alternative-ci-runners-3 with alternative-ci-runners-4, as discussed with @marcosnils

LGTM:

1. https://github.com/dagger/dagger/actions/runs/13977654567
2. https://github.com/dagger/dagger/actions/runs/13977656645
3. https://github.com/dagger/dagger/actions/runs/13977660075

Adds an example agent

A few experiments:

• Add LLM.withQuery for making the whole Query schema available to the LLM
  • loadFooFromID fields are skipped
• CLI prompt starts from Query so you can jump right into action, with module + deps available
• Un-deprecate loop, withFoo setters, and foo getters for now
  • Jury is still out on these, deprecating is a bit harsh (makes them hard to read in Zed)

What is the issue?

We're instrumenting our CI pipeline with OpenTelemetry. I expect the spans of our build test runs to map it to the parent trace-id but we observe orphaned spans.

Dagger version

sdk/go/v0.16.1

Steps to reproduce

dagger.io/client.arch: "amd64"
dagger.io/client.os: "linux"

I've attached the file to show how to reproduce the issue. The problem manifests in this test case as missing spans towards the end of the trace and disappear if we remove `dagger.WithRun...

This is gonna break a bunch of stuff, but better now than later...

Problem

When calling Host.directory() or Host.file(), I get a one-time snapshot of the file or directory, and it will never change for the whole session.

This hasn't been too much of a problem in one-off function calls with dagger call. But it becomes a major obstacle to using the Dagger Shell interactively for local dev.

Solution

Enable reloading of host files and directories in the same session.

Design

API: TBD
Shell UX: TBD

This introduces a new dagger mcp command that starts an MCP stdio server.
MCP clients can configure to exec: dagger mcp or dagger mcp -m path/to/module.

In this version, each dagger function corresponds to an MCP tool.

Caveats:

• Currently, OPENAI_API_KEY or equivalent needs to be set as MCP is a method on the LLM object. This requirement will go away as we separate MCP from LLM.
• Currently -s or --progress plain needs to be specified so only stderr is used, as `dagger m...

Pending

• [ ] Update screen recordings

Adds integration tests requiring that the PHP SDK can handle method signatures of:

• Scalar Kind
• List Kind
• Void Kind

messed up DCO on this one https://github.com/dagger/dagger/pull/9912

Problem

Secret providers currently fetch secrets in a lazy manner and have an internal cache system to avoid hammering the underlying service. Thing is that some of these providers generally emit extremely short lived keys (seconds) which for long pipelines this represents an issue as there's no current way to overcome this.

Solution

We should come up with a way so users can optionally set a TTL so secrets provider secerts are not cached indefinitely.

Questions

• Do we want this T...

with 0.17.0

Bumps the docs group in /docs with 4 updates: posthog-docusaurus, sass, typedoc and typedoc-plugin-markdown.

Updates posthog-docusaurus from 2.0.2 to 2.0.4

Updates sass from 1.85.1 to 1.86.0

Release notes
Sourced from sass's releases.

Dart Sass 1.86.0
To install Sass 1.86.0, download one of the packages below ...

Bumps the engine group with 11 updates in the / directory:

Bumps the sdk-python-docker group with 1 update in the /modules/ruff/build directory: astral-sh/ruff.
Bumps the sdk-python-docker group with 2 updates in the /sdk/python/runtime directory: python and astral-sh/uv.

Updates astral-sh/ruff from 0.9.10 to 0.11.2

Release notes
Sourced from astral-sh/ruff's releases.

0.11.2
Release Notes
Preview features

[syntax-errors] Fix false-positive syntax errors emitted for annotat...

Bumps the sdk-java group in /sdk/java with 2 updates: io.smallrye:smallrye-graphql-client-api and io.smallrye:smallrye-graphql-client-implementation-vertx.

Updates io.smallrye:smallrye-graphql-client-api from 2.12.1 to 2.12.2

Updates io.smallrye:smallrye-graphql-client-implementation-vertx from 2.12.1 to 2.12.2

Updates io.smallrye:smallrye-graphql-client-implementation-vertx from 2.12.1 to 2.12.2

Dependabot will resolve any conflicts with this PR as long as you don't alter it yours...

Bumps the sdk-typescript group in /sdk/typescript with 11 updates:

Based on https://github.com/dagger/dagger/actions/runs/14029841848/job/39303736375?pr=9944#step:5:11230 it seems the failure comes from jwt so I bumped the version to the fix

The first change should make testdev-everything-else complete quicker (it's currently ~17mins).

The second change should make testdev-module-runtimes complete quicker (it's currently ~14mins).

these are under development atm, and especially with https://github.com/dagger/dagger/pull/9915 we should be careful not to overload test-everything-else

Removes the double links in the nav to the examples docs page.

:warning: Currently broken, see #1353819090623533170 message

Fixes 9490

Signed-off-by: Tom Chauveau

(This PR does a few things, still working on the description, quick PR up so I can go over the diff)

New evals system

• Added the beginning of a new suite of evals so we can quickly get a sense of how well each model understands our tool calling scheme as we iterate on it.
  • Gemini is great for this
• Adds an agent loop module for iterating on a system prompt based on how those evals go.
  • We maintain a README for the tool calling scheme.
  • The agent generates a syste...

Fixes for a few typos in https://docs.dagger.io/ai-agents

This test has started to flake out more often recently again. Based on test output it looks like the attempt to prevent the cache mount from being pruned wasn't even actually running by the time the test containers were running (which is possible because it works by running a separate long running container in a different goroutine, so the goroutine isn't guaranteed to be running at any particular time).

This attempts to deflake by having the...

Fixes a linter error introduced by https://github.com/dagger/dagger/pull/9941