Hey @gregoryboue! Just saw this. Will provide an update tomorrow :pray:

Fix for an issue that I noticed while I was testing the TS SDK in a monorepo setup.
Basically, if your context dir is /root and your module that generate the client is in /root/foo/bar, the generated content would be in /root instead of /root/foo/bar (only happens in TypeScript).
This PR fixes that behaviour :)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• `@dependabot ...

Thaaaaaanks @vito :heart: :heart: :heart:

This prevents output from API calls like Foo.contents from showing up in the plain output, where the signal:noise ratio is very poor. (Prior art from the dots frontend: https://github.com/dagger/dagger/pull/10617)

If the session cache Release method was called while some calls were still running, it was possible for them to only be appended to the list of results after Release was already done, in which case they'd stay in the underlying cache and leak forever.

This adds handling to track when the session cache is closed and release any results that show up after that.

This seemed to be resulting in memory leaks. It wasn't perfectly repro-able, but was able to see leaks fairly often just a...

This patch improves the telemetry at client startup in a few ways:

• Earlier notification of cloud telemetry info - this ensures we can open the web view before the engine is provisioned.
• Adds logging info as a real OTEL span, instead of a virtual log. This means that we can get metadata about the versions we're actually connecting to in cloud (previously missing).
• Correctly nests the image store configuration under the "connecting to engine" span (which requires defering the loa...

What happened? What did you expect to happen?

I have a CI pipeline that use Dagger running on version 0.18.12 locally using the Python SDK.
The pipeline was working fine but due to a clunky step that use a lot of RAM, my computer (Ubuntu 22.04) freeze and crashed while dagger was running on my workstation.
When I restarted my computer and tried to run dagger again but it doesn't work anymore and I have the following error:
dagger call --debug --progress=plain

...
448 : 3dc4249ec717...

We were re-using the same code path for stdout/stderr collection which enforces a 100kb size limit. Applying this to the error extraction resulted in the Error ID also being truncated, which led to errors falling back to the unhelpful process "/runtime" failed with exit status 2-esque error.

Example: https://dagger.cloud/dagger/traces/9c9ac34fec07079afbc9b6a737ffacaa

Now we only enforce the limit for stdout/stderr and allow the Error ID to be arbitrarily large.

@sipsma I know you m...

• A module may reference another as its blueprint.
• fix install

What happened? What did you expect to happen?

Hi there. I created this issue to document how a recent change to the engine impacted us when upgrading. We have since solved our issue, but I thought it might be interesting to document it here.

Our organisation deploys a single version of the dagger engine for our CI runners - this is because it would be too expensive to deploy multiple versions. Dagger modules across repos are subject to the CI version and when upgrading, all CI builds ar...

@marcosnils no update ? 😄

Fixes:

• https://github.com/dagger/dagger/issues/10676

TODO:

• [x] Nerdctl / Finch
  • [x] Integration tests
  • [ ] Manual sanity checks
• [x] Podman
  • [x] Integration tests
  • [x] Manual sanity checks
• [ ] Apple container

@gregoryboue my apologies :see_no_evil:, got swamped with some other stuff this week. Will reply today for sure :pray:

What is the issue?

This appears to be a regression with some of the recent changes to how enums operate. In the past I could have a module that looks like

type Dependency struct {
	Opts []dagger.ContainerPublishOpts // +private
}

func New() *Dependency {
	return &MyModule{Opts: []dagger.ContainerPublishOpts{
		{PlatformVariants: []*dagger.Container{dag.Container().From("alpine")}},
	}}
}

func (m *Dependency) Publish(ctx context.Context) (string, error) {
	return dag.Container()....

hey @gregoryboue! I was finally to find some time to leave my thoughts here.

There's a long thread we could pull from here about "good" design / software practices and what would be the "best" way to model this. Having said that, I'll try to be brief and cut to the point about how I'd approach this knowing Dagger's limitations while also trying to to put myself in your position of delivering the best experience for your module creators and adopters.

Change the way we design our modu...

Bumps the docs group in /docs with 1 update: posthog-js.

Updates posthog-js from 1.256.2 to 1.257.0

Release notes
Sourced from posthog-js's releases.

1.257.0 - 2025-07-08

one for flags and flags for all (#2079)
Fix comment (#2078)
feat: Enhance AssignableWindow type with additional properties for better SDK integration (#2077)
reset flags internal state when posthog.reset is called (#2066)

Commits

a004c9a chore: Bump version to 1.257.0
d7121...

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• `@dependabot ...

Bumps the sdk-java group with 2 updates in the /sdk/java directory: org.apache.commons:commons-lang3 and org.junit:junit-bom.

Updates org.apache.commons:commons-lang3 from 3.17.0 to 3.18.0

Updates org.junit:junit-bom from 5.13.1 to 5.13.3

Release notes
Sourced from org.junit:junit-bom's releases.

JUnit 5.13.3 = Platform 1.13.3 + Jupiter 5.13.3 + Vintage 5.13.3
See Release Notes.
Full Changelog: https://github.com/junit-team/junit-framew...

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• `@dependabot ...

And update goreleaser for good measure.

Nix requires cp from coreutils (for reasons, it's annoying). Thankfully, we can just install those.

Small CI maintenance chore

Looks like this was a "simple" case of the conditional being the wrong way round. Fixing that though means we need a better way of ensuring that we doFetch correctly.

Instead of going through the buildkit gateway, directly invoke and call the mount manager from inside of dagger. This is a follow-up to #10457, it's essentially the exact same transform, but for services.

This turns out to be a dependency for changes we'd like to do around #6990 - if we have direct access to the mount manager, then we open the way to propagate synced directories in.

[!WARNING]

This is work-in-progress! :construction_worker_woman:

What are you trying to do?

When configuring a Service with certificates and doing up the output shows

tunnel started port=443 protocol=tcp http_url=http://localhost:443

Despite the fact the URL is actually https://localhost.
This is purely cosmetic, as visiting the HTTPS URL works as expected.

But it would be nice if Dagger could somehow detect if a Service was using TLS and show the output accordingly. I'm not sure how this could be implemented, but perhaps a check again...

Two little tweaks to improve error UX:

• Preserve the error origin when setting the root span error, so we can be 100% sure what error was the root cause of the failure.
• Always reveal error origins. Currently it's easy for these to be hidden by other spans that configure reveal: true.

Hi @marcosnils,

Thanks for the answer.
For the moment i think we will continue to have duplicate code in separate module, to keep better code readability.
Are you planning anything to make dagger support inheritance better ?

We added support for module interfaces a while back.

However, we never went the full way and we didn't ever need interfaces in the "core" module (the main dagger API). So it just doesn't work right now.

There are several cases I think we should support:

• Allowing core types to implement core-defined interfaces
  • Some types just make more sense as an interface! They already have multiple "backends", like GitRepository or Service. We should expose this implied interface as a real int...

Problem

Suppose a user is working on a fairly standard frontend/backend project. The user will likely have two separate Services for each service:

func (MyModule) Frontend(
    // +defaultPath="./src/frontend"
    src *dagger.Directory,
) *dagger.Service {
    return dag.Container().
        From("node:latest").
        WithWorkdir("/src").
        WithMountedDirectory(".", src).
        WithExec([]string{"npm", "install"}).
        WithExec([]string{"npm", "build"}).
        Wit...

Fixes https://github.com/dagger/dagger/issues/10715.

This doesn't mean these values have become allowed, the engine will still reject them. However, now, they can correctly be used in private fields again, like they used to be.

This introduces a new structure and layout for the documentation.

Things left to be done:

• [ ] Finish migrating and merging the content into the new pages
• [ ] Add/update all of the redirects from the old URIs to the new ones
• [ ] Get feedback on the look and feel as well as the navigation, content, and structure

Prints https is the service port is 443. This is not a bullet proof
solution but it's extremely unlikely that a service would use port 443
without listening for TLS traffic.

fixes #10724

Signed-off-by: Marcos Lilljedahl

What is the issue?

Problem

As stated in the title, seems like calling .refresh doesn't seem refresh/reload the module you're working on. If you make any changes like removing / adding functions or changing their arguments, .refresh doesn't seem to reflect that.

I'd assume this is a regression since I recall seeing this working in previous Dagger versions

Dagger version

v0.18.12

Steps to reproduce

1. Create a module
2. Run dagger shell
3. With the shell open, add a ...

Update local module loading to lookup for all .gitignore files inside the context directory
Add IgnorePattenrs in LocalModuleSource.
Apply IgnorePatterns when loading contextual directory argument.

Essentially, the opposite of https://github.com/dagger/dagger/issues/8025.

We should be able to import images from the local container runtime. Probably under the Host API, so something like dag.Host().Container(""). That matches up with how we load files/directories already.

This way, it would be possible to do something like:

$ docker image ls
REPOSITORY                    TAG        IMAGE ID       CREATED          SIZE
my-img                        latest     d4a4cfe3b1dd   2 mi...

(This is currently only a known issue on main, not in a release yet, just creating to track fixing it before next release)

The evals workflow has been failing with errors along the lines of instantiate: toSelectable: unknown type EvaluatorEval. Similar errors reported by users testing off main w/ interfaces.

Caused by https://github.com/dagger/dagger/pull/10620

Have a basic idea of what's wrong here, working on a fix

What is the issue?

For security and consistency reasons, both Cache Volumes (https://github.com/dagger/dagger/issues/7211) and Secrets are scoped by default to the modules they're defined in. If users have a need to share them across modules, they need to intentionally pass a reference to those resources via constructor or function arguments.

We don't mention anything in our docs neither here https://docs.dagger.io/api/secrets/ or here https://docs.dagger.io/api/cache-volumes/ and th...

This introduces a new execInMount function, which deduplicates a lot of the boiler plate code needed to perform dagops.

Takes a Git-compatible patch string and applies it to the directory, using git apply under the hood.

This way you can make incremental changes to a directory without having to add entire new file contents at a time. Also supports binary diffs, so this is a bit beefier than patch -p1.

Fixes the confusion from https://github.com/dagger/dagger/issues/10508.

Simplify Env with generic bindings. This is part of #10370

[x] New core type: ID. A generic ID for any Dagger object.
[x] New core function: Env.withBinding. Create a new binding with the given ID as value.
[x] New core function: Env.binding. Retrieve a binding.
[x] New core function: Env.bindings. List all bindings.
[ ] Deprecate Env.with[XXX]Binding
[ ] Deprecate Env.inputs and Env.outputs

Fixes https://github.com/dagger/dagger/issues/10434. These fields can easily be constructed and be nullable.

Before:

❯ echo "{module{name,runtime,source}}" | dagger query
▶ connect 0.2s

● moduleSource(refString: ".", allowNotExists: true): ModuleSource! 0.0s
▶ .configExists: Boolean! 0.0s

● module: Module! 0.0s
● .name: String! 0.0s

● Module.runtime: Container! 0.0s

● Module.source: ModuleSource! 0.0s

Full trace at https://dagger.cloud/jedevc/traces/cbb397e127bbea...

What is the issue?

Under high concurrency scenarios, the Python client exhibits performance issues and instability not observed with the Rust client. Specifically, the Python client can create a combinatorial explosion of sandboxes when a single node is hit by many users simultaneously, resulting in significant slowdowns.

Feedback from user (@igrekun):

“The way Python and Rust manage global Dagger sessions is a bit different.
When using the Python client through an HTTP server under ex...

• based on #10742
• uses ripgrep --json under the hood (added to engine image)
• returns a structured [SearchResult!]! output

A teeny tiny QoL for when you run Dagger from Claude Code. Right now it uses the plain format which is too overwhelming. It seems to handle --progress=report really well.

Fixes https://github.com/dagger/dagger/issues/10738

There was a very subtle issue where ObjectResults were accidentally being "downgraded" to Result when dagql call internals were attempting to unwrap them. This was due to unintentionally calling DerefValue on the embedded Result of ObjectResult and returning the received, which was a Result rather than full ObjectResult.

This broke interface loading specifically because we currently rely on some objects already being select...

Seeing some flakes on main+PRs with session cache is closed, e.g. https://dagger.cloud/dagger/traces/2c21ffb6385408be6b9b89cf9e7bec4d?listen=ac11982282afb038&listen=87dded5a7770eee9&listen=52f3eb5dc55d05b4&listen=b4c672b2d466aa9f#165234f9b49aa894:L1735

https://github.com/dagger/dagger/pull/10708 introduced that error case; it's correctly error'ing because we shouldn't be trying to use session caches that are closed (and doing so can result in memory leaks), so need to find where we are s...

Will fix https://github.com/dagger/dagger/issues/10750

Draft, haven't had success repro'ing locally yet so gonna parallelize in CI

This is experimental, just to see if that could be a good idea or not.

All start with a dagger.yaml file you can put in your project. The dagger.yaml file is composed of two sections: vars and tasks.

vars allow to define some variable (could be basic variable like strings, or more complex using any dagger primitives).

For instance this is declaring a Go version and defining a ctr variable representing a basic container to work on a go project:

vars:
  go_vers...

A new feature in the engine API: load resources from the host using a single standardized address.

This is a feature that already exists in the CLI, but we're moving in the engine so that it can be used from other places. Specifically a persisted config file to pre-configure default values. Most especially default secrets.

Noticed the v3 UI was choking on traces generated by dev engines, because encoding/gob can't handle []any. SpanSnapshots get sent over the wire with encoding/gob for performance reasons; it's generally safe because we control both sides (client + server), so we don't need to worry about schemas and compatibility drift, but it does restrict what types we can feed into it.

Quickly extracting this rough proposal from [a Discord discussion](#1346164284278706258 message) since it's come up a couple of times now.

We have a lot of the primitives already to build a pretty nifty prompting API, building on the existing 'prompt to allow module to use LLM' code path.

type Query {
  prompt(
    "Markdown-formatted message to display."
    message: String!
  ): Prompt!
}

type Prompt {
  "Request a y...

Despite squashing a number of occurences, we are still seeing occasional flakes related to using stale sessions. These errors do mean something unexpected is happening with the lifecycle of session caches and should be an error in the long term, but in the short term it's not strictly necessary to return them; things should generally work.

This update thus downgrades returning the error to just logging it, while still avoiding memory leaks previously caused by this problem.

PR up first in case we want to quickfix this, looking into eval coverage now.

Edge merging is a constant thorn and may explain some remaining weirdness we are seeing with sessions disappearing and related errors.

I know that this currently results in a failure in a caching test due to content hashed mounts not applying to cache keys for execs correctly, which will need a fix before merge, but sending out now to sus out any other issues in the background.

when an agent starts going off the rails it's natural to interrupt it and course-correct. but right now that actually completely undoes the prompt and whatever progress it made.

this mistake was being made at multiple layers:

• we were Fork()ing at each prompt, even though we don't even support rewinding in the UI yet
• the $agent var handling wasn't being respected everywhere, so if WithPrompt didn't succeed it would end up resetting back to the old value in $agent

• error origins could sometimes not be wired up depending on span receiving order
• engine version scrubber choked on the v in -dev

What are you trying to do?

I would like to inspect the host where the CLI is running to understand where exactly the dagger engine is running. As an Enterprise user of dagger, we have various compliance and security needs that we need to meet. One such need is the need to know exactly where the client (and the engine) is running.

We would like to take actions within our modules based on the host.

Why is this important to you?

An example of something we would like to do is, based ...

(reviving https://github.com/dagger/dagger/pull/10361 which can't be reopened)

Currently when the model runs something like withExec("date") it doesn't see any output - it has to call stdout or stderr to see it.

This trace shows the model trying to run various diagnost...

Closes #10739

*This is an alternative to #10753 *

A sneaky workaround for the lack of self-referential inputs: when called from a module function call, this will pass the calling object in to the environment.

distributed cache is currently being reworked at a lower level so we
remove the magicache code given that it's almost likely that the new
architecture will not use it.

Signed-off-by: Marcos Lilljedahl

What is the issue?

Originally reported by @skycaptain in #1396132812377296936 message.

Dagger version

v0.18.13

Steps to reproduce

See the repro: https://github.com/skycaptain/dagger-issue-passing-secrets

In v0.18.12:

$ dagger -m ./module-b call job --netrc-file 'file:dagger.json' run
▶ connect 1.5s
▶ load module: ./module-b 19.5s
● parsing command line arguments 0.0s

● moduleB: ModuleB! 0.7s
● .job(
  ┆ netrcF...

See https://avd.aquasec.com/nvd/cve-2025-7783.

Fixes the failing scan check on main https://dagger.cloud/dagger/traces/bb970b092c345c761dbd619de5b126de#63e5bbe9c59ba8bd:EL331

Fixes https://github.com/dagger/dagger/issues/10663

Handling of single quotes was naive. Should've replaced them only if first and last char but simpler to just embrace the direct output from repr and let ruff reformat it later.

Also recovered default value for list arguments, although it doesn't change behavior, just makes it show on the body of the function (client binding) which can be helpful while debugging.

This allows passing build args to a docker build via the CLI.

Example

host | directory . | docker-build --platform darwin/arm64 --build-args BIN_NAME=docker-runx,NO_ARCHIVE=true --target export-bin | export .

\cc @eunomie

Fixes #10776

When a module object had a Nullable field for an object type, we were subtly setting the ID for the field to the ID that selects the field, rather than the ID for the object it wraps (when the nullable is set).

This didn't impact too much other than secrets, where it could break loading in certain situations when the secret would be attempted to be loaded from the field selector ID rather than the underlying ID for the secret from the core API.

This fixes the issue by...

What are you trying to do?

A very neat feature would be the ability to specify stdin for a command in WithExec which is a secret variable so that it doesn't get exposed in the logs.

Why is this important to you?

When trying to use the tool skopeo, I encountered its limitation that it does not expand environment variable in the login credentials. Directly supplying the credentials is a no-go, as they would be exposed then in Dagger's logs. The other option to supply a password to ...

I currently use dagger telemetry metrics to follow up container resource usage.

I would like to add custom tags to know for example image name of a container where the metrics are coming from.

I would know if someone has already done this or if it is possible to do it ?

For the moment, only these tag key are available :

I tried to set OTEL_RESOURCE_ATTRIBUTES environment variable but it doesn't add the tags to the metrics.

Thanks for your help

What are you trying to do?

I am trying to reliably access (both programmatically and in Dagger Cloud) the output of .with_exec() steps that might or might not have been cached previously. Right now it seems cached steps don't store their stdout, so cached and non-cached runs behave differently.

Related Discord thread: https://discord.com/channels/707636530424053791/1397564686618198026

Why is this important to you?

Generally speaking, caching is a technique to improve performanc...

@shykes notices that JSONValue was badly formatted when defined as object (#1397223053452120144 message)

It's the first time we have this case, that's why we never saw it before.

This PR fixes that behaviour.

What is the issue?

For context, see: https://discord.com/channels/707636530424053791/1397614015756374219

Dagger version

dagger 0.18.4

Steps to reproduce

In a repo storing the blueprint:

$> git checkout -b test
$> dagger init --sdk go --name not-main --license none --source not-main not-main
$> git add .
$> git commit -m 'chore: non-default branch module'

In a repo consuming the blueprint

$> dagger init --blueprint=ssh://github.com/nadirollo/daggerverse...

A few PRs got merged that changed the Go SDK and the end merged result on main was out of sync, just needs a regen

CI hit an error in the cache unit tests, locally I could repro it in ~2 runs when running w/ -count=100000, so unclear if it was really causing any genuine problems.

Was a legit problem though; with the right timing it was possible to remove a call from internal maps when there were waiters remaining, which would result in extra calls appearing.

What is the issue?

Two times now I have been incredibly confused by the fact that my code says this:

  pub source: Directory! @defaultPath(
    path: "/",
    ignore: [
      "Session.vim"
      "dang"
      "zed-dang/grammars/"
      ".env"
      ".envrc"
    ]
  )

But then in the terminal I see this:

● dang(
  ┆ source: Host.directory(path: "/var/home/vito/src/dang", exclude: [], noCache: true): Directory!
  ): Dang! 0.4s
● .source: Directory! 0.0s

Meanwhile,...

Fixes #10785

Repro script for reference:

set -e

mkdir repro
cd repro

cat >dagger.json <<'.'
{
  "name": "test",
  "engineVersion": "v0.18.14",
  "blueprint": {
    "name": "not-main",
    "source": "github.com/shykes/x/not-main@test",
    "pin": "6b29f8aa297117bc06181050cab1b067c4927c6d"
  }
}
.
dagger call -q hello
dagger update
dagger call -q hello

cat dagger.json

Overview

Stable configuration for provisioning and connecting to the dagger engine from the dagger CLI.

• Deprecated: _EXPERIMENTAL_DAGGER_RUNNER_HOST
• No change: DAGGER_CLOUD_ENGINE: connect to dagger cloud experimental engine
• New: DAGGER_ENGINE_HOST: connect directly to an engine. Supports tcp://, ssh://, unix://, container://, kube-pod://. no provisioning, no special URL flags
• New: DAGGER_ENGINE_IMAGE: if provisioning from an image, override which ima...

Problem

Officially, there is no supported way to connect remotely to an engine. But there is an escape hatch (_EXPERIMENTAL_DAGGER_RUNNER_HOST) and lots of people use it in production. In fact it has become a de facto standard for everyone running Dagger in self-hosted CI clusters.

This disconnect between what users do, and what we support, must be resolved. We face a simple choice:

1. Promote the escape hatch to a fully supported feature. This means replacing `_EXPERIMENTAL_DAGGER_RU...

could you explain (roughly) how the version checks work today? How does the CLI determine whether it can use a given engine version? Are there know limitations and planned improvements to that system?

Jumping in :wave:

There are two types of version checks generally - between the engine and modules, and between the cli and the engine (the latter is what we're interested in here).

When the CLI connects to an engine it performs a naive health check by hitting a gRPC /Info endpoint - esse...

Before I can comment on this half of the proposal @gerhard @jedevc @sipsma I need the other half. Reducing the scope of conversation doesn't automatically reduce the scope of the design. It may just sweep parts of it under the rug.

If we ship a flag with no concern for provisioning, we're making a bunch of implicit decisions. For example we're deciding that any client version can connect to any server version and it's our responsibility to manage the full compatibility matrix. I think we sho...

The sequencing I'm imagining which incorporates both connecting and then provisioning

We make the hook for getting connections (what's called _EXPERIMENTAL_DAGGER_RUNNER_HOST) public and documented

I'm good with the sequencing here, but just to nitpick - I think that one of the reasons to design these together, is that the docker-image:// in _EXPERIMENTAL_DAGGER_RUNNER_HOST today is actually more of a Provisioner, instead of a Connection Driver. So ideally I'd like to sketch a pa...

We talked about this with @jedevc & @sipsma and the key take away from that conversation is that we want to split the connecting & provisioning concerns.

Today, _EXPERIMENTAL_DAGGER_RUNNER_HOST combines both concerns and therefore pulls in the Compute Drivers context. Before we stabilize _EXPERIMENTAL_DAGGER_RUNNER_HOST into a first-class feature, the consensus is that we want to reduce its scope. The proposal is to:

1. Introduce a new CLI ...

We assume that an Engine exists, and we need to connect to it via a remote TCP/IP connection. That is the boundary of this issue, both in terms of discussion & design.

I just started collecting my thoughts on how an Engine gets provisioned, via a "compute driver" in the other issue, which is focused on creating & deleting Engines, with no connection concerns.

I don't see the coupling or sequencing requirement between creating / deleting and connecting. Do you @jedevc @...

The "REP", the protocol that is private today but we are considering making public

@shykes We don't need to make all of that public. The only thing we need to be made public is the hook the CLI uses to get a network connection to the engine server (in concrete terms, the CLI needs a net.Conn). Today the various values of _EXPERIMENTAL_DAGGER_RUNNER_HOST are just specifying how the connections are made:

• tcp://, unix://, etc. - just directly connect using normal ip/unix socket
• `s...

Would it make sense to push the Provisioners discussion into what is today called https://github.com/dagger/dagger/issues/5583 and keep this issue focus on the Connection Driver?

No, we have to discuss it together. I challenge that "connection driver" and "provisioner" are even different concepts. It's all compute drivers to me. By splitting them up before even discussing their design, you're front-loading a design decision before the design discussion even started.

It may be possible now to use Copilot APIs as an LLM provider allowing users with Copilot access to use those models within Dagger.

Looking at the implementation in sst/opencode, we should be able to initiate an oauth flow with Copilot. There are some references to using a token as well which may or may not actually work. Needs investigation.

With token (may not work):
Set base_url to https://api.githubcopilot.com
Get the api key from ~/.config/github-copilot/apps.json

Oauth flow:
http...

Follow up fix for https://github.com/dagger/dagger/pull/10580 to make the trace-url available to the SDKs. Looks like the cloudOrg wasn't being passed through to nested sessions, so it would work with dagger core cloud trace-url but not via SDK

What is the issue?

I am trying Module self-invocation with an LLM (not released, using a dev build on that PR #10584).

The pattern is convenient because it avoids creating a separate module for the toolset, you can simply expose the current module to the LLM.

However we get back to the problem of filtering functions available to the LLM. Here is what happens:

Example:

type MyModule struct{}

// Tool1
func (m *MyModule) Tool1(ctx co...

Bumps the docs group with 3 updates in the /docs directory: posthog-js, typedoc and typedoc-plugin-markdown.

Updates posthog-js from 1.256.2 to 1.258.2

Release notes
Sourced from posthog-js's releases.

posthog-js@1.258.2
1.258.2
Patch Changes

#2111 7114593 Thanks @​pauldambra! - checks for session activity i...

Bumps the engine group with 9 updates in the / directory:

Closes #9263

The Rust SDK’s “Usage” snippet in sdk/rust/crates/dagger-sdk/README.md no longer compiles because connect now requires you to pass a closure. This PR updates the example to:

dagger_sdk::connect(|client| async move {
    // 1) Spin up a Go 1.19 container
    // 2) Run “go version” inside it
    // 3) Grab the printed output
    let version = client
        .container()
        .from("golang:1.19")
        .with_exec(vec!["go", "version"])
        .stdout...

Bumps the sdk-java group with 4 updates in the /sdk/java directory: io.netty:netty-common, io.netty:netty-handler, org.apache.commons:commons-lang3 and org.junit:junit-bom.

Updates io.netty:netty-common from 4.2.2.Final to 4.2.3.Final

Commits

aef99f0 [maven-release-plugin] prepare release netty-4.2.3.Final
a79d8a2 Generate missing javadocs jar
29a9678 Fix staging of codec-...

Fixes https://github.com/dagger/dagger/issues/10781.

This allows reading stdin from a file in the container - we name this option RedirectStdin to be inline with RedirectStdout/RedirectStderr.

Before:

$ time dagger call -m github.com/dagger/dagger/version@main version
v0.18.15-250728111339-1a8c04db77d6

Full trace at https://dagger.cloud/jedevc/traces/fa964659c3e20b2df74c3b43590d70ab
dagger-dev call -m github.com/dagger/dagger/version@main version  3.44s user 0.88s system 4% cpu 1:37.37 total

$ time dagger call -m github.com/dagger/dagger/version@main version
v0.18.15-250728111339-1a8c04db77d6

Full trace at https://dagger.cloud/jedevc/traces/8276c6e06d137a4fd0b66...

Effectively reverts https://github.com/dagger/dagger/pull/10632/commits/caac8b23db2452d67d83dec0ae9af72a67c45528

But keep the ordering.

This changeset fix default value in Elixir doesn't set properly when default value declared via :default option.

Now if user declare a signature like:

defn sample(hello: {String.t(), default: "world"}) :: String.t() do
  hello
end

The defn will transform into:

def sample(hello \\ "world") do
  hello
end

The dagger mcp command exposes a dagger module as an mcp server

To better support turning your daggerized projects into a usable mcp server for agents, we must make the interface 'dumber'. The idea is that chaining dagger types via API calls is too complex of a flow for agents to successfully follow.

Proposal

• The dagger mcp command should not expect clients to support dynamic tools
• Function calls only return scalars
• Core types can have an auto-scalar resolution. Such as `F...

What is the issue?

Blueprint modules

#10464 #10712

in order for kernel modules to be automatically loaded on startup, the
file should be named with a .conf extension.

ref: https://man7.org/linux/man-pages/man5/modules-load.d.5.html

Signed-off-by: Marcos Lilljedahl

What is the issue?

https://github.com/user-attachments/assets/fbeefc9a-a49e-4151-9b35-afaa772cc018

A repro with dagger 0.18.4 and an engine built from main.
The issue happened with the 0.18.4.

https://dagger.cloud/Quartz/traces/57b929a4d8811682c82534b10789c063#f4f0d42dba4159ba

Dagger version

0.18.4

Steps to reproduce

I had trouble reproducing the issue but I think the bug happens when I switch my dev engine version:

1. Build a dev engine from main
2. Run dagger functions (o...

Fixes #10737 as a follow-up to #10662.

TODO:

• [ ] Tests passing
• [ ] Cleanup
  • Move more implementation to core/

This had a FIXME, we've wanted to do this for a while.

We can deprecate functions whenever we like, depending on time-frame we could remove this in the next minor release.

We've got some deprecated fields which can be removed for v0.19.0:

• withAuthToken/withAuthHeader, deprecated since #10248
• keepBytes, deprecated since #8725
• setSecretFile, deprecated since #9682

What is the issue?

Description
I'm deploying Dagger as a DaemonSet on a Kubernetes cluster, and I've set CPU and memory limits on the dagger-engine pods. However, the containers launched by Dagger (dagger core container from ...) do not inherit these resource constraints, and can consume significantly more memory than specified.

Dagger version

dagger v0.18.12 (unix:///run/dagger/engine.sock) linux/amd64

Steps to reproduce

Setup

• Dagger version: v0.18.12
  -...

Context

In our company, we use Dagger as the CI engine for our software factory, which is used across all IT departments (DSI).
Dagger is deployed as a DaemonSet in our Kubernetes cluster.

As part of our billing and usage tracking, we need to collect metrics from containers launched by Dagger, which uses the BuildKit SDK under the hood to spawn runc containers.

We use Datadog as our monitoring solution.
However, currently, metrics from these runc ...

[!WARNING]

Milestoning so I don't forget :eyes:

There's a lot of clutter in the session attachables to make sure that we can handle old clients/engines - but this is getting a bit tricky to manage. Since v0.19.0 is a minor release, it feels fairly reasonable to bump this (so clients =0.19.0 and vice versa).

We should bump here: https://github.com/dagger/dagger/blob/aaa13befbe949553e6f0f3deb1b03ff5be2f34ec/engine/version.go#L32-L38

And then declutter: https://github.com/search?q=repo%...

This restriction seems to have been introduced way back in #6482. Regardless, it does just work, and it's very annoying to hit an error condition and then have to remove the --output flag to just get it working.

Setup

Assume the following module:

package main

import (
	"context"
	"dagger/foo/internal/dagger"
)

type Foo struct {
	Entries []string
}

func New(
	ctx context.Context,
	// description goes here
	// +defaultPath="./arg"
	// +ignore=["foo.txt"]
	myArg *dagger.Directory,
) (*Foo, error) {
	entries, err := myArg.Entries(ctx)
	if err != nil {
		return nil, err
	}
	return &Foo{entries}, nil
}

With the following testdata:

$ mkdir arg
$ touch arg/{foo,bar}.txt

Get the t...

This will allow module authors to mark parts of their API as deprecated (currently not possible).

For example, in go:

package main

import (
	"context"
	"dagger/foo/internal/dagger"
)

type Foo struct {
    MyDeprecatedField string // +deprecated
}

// +deprecated
type MyAdditionalType struct {
    X string
}

// +deprecated
func (foo *Foo) MyDeprecatedFunc() {
}

func (foo *Foo) MyOtherFunc(]
    myDeprecatedArg string // +deprecated
) {
}

[!NOTE]

This requires that we all...

fixes #9701

Today, the functions and their args do not illustrate some common best practices and style.
The large comment block is simply removed by most and so we should make it much shorter and to the point.
Fixing this will help adoption.

• [ ] module comments shortened to essential
• [ ] functions/args reworked
• [ ] tests updated

Previously, the following operations were failing:

mkdir test && cd test
dagger init
dagger client install go

Because the go client generator assumed that the module was aside a go module, same as module generation before we generate a default go.mod.

This PR fixes that issue by: generating a default go.mod based on the module name if no go.mod exist in the current directory. This allows an user to create a submodule in a go project and import the client from there.

Al...

Add Kubernetes Service for Dagger Engine

Context

We operate a large-scale software factory supporting key business units (DSM/DSI).
To enhance our CI capabilities and accelerate delivery, we are deploying Dagger as our new CI solution.

Our setup:

• Dagger runs as a DaemonSet in Kubernetes
• Shared Dagger modules live in GitLab
• Projects use these modules via GitLab CI pipelines

This aims to provide a scalable and reliable CI platform aligned with our bu...

What is the issue?

Error logs:

▼ asModule getModDef 1.7s ERROR
                                                                                                                                                                                                                                                
 [ERROR] Dagger\ValueObject\Type should not be constructed for arrays, use                                                                                                             ...

What are you trying to do?

As part of https://github.com/dagger/dagger/pull/10714, we should also consider making the necessary changes into the engine default registry authentication mechanism (i.e: reading dagger.json) so images can be automatically pulled from private registries if the client is already authenticated.

Why is this important to you?

No response

How are you currently working around this?

No response

• Updated default uv version to 0.8
• Changed default build backend to uv_build instead of hatchling now that it's stable
• Changed default Python version to 3.13

What are you trying to do?

A discussion more than a feature request (yet!)

How would you feel about adding a new parameter, when installing a --blueprint that allows the dagger call to always fetch the latest ref?

Our platform team maintains many pipelines, and we expect our consumers to be on the hundreds.
Introducing new functionality, improvements or chaging behind the scenes implementations (e.g. migration from an artifact registry to another), requires our consumers to update...

What are you trying to do?

I suggest to add flag --status to dagger login so it will be easy to check login status of the user.

Why is this important to you?

I like to create simple scripts to call specific dagger functions to hide some complexity from my collegues.
And I would like to keep them logged in to Dagger Cloud so they can enjoy web traces and magic cache.
But I don't want to force them to login with blocking call dagger login. So I would like to check the login sta...

A small feature, this basically unwraps the error exec to unwrap the error such that we show more clearly what fails and whatnot.

What is the issue?

I was checking out the hidden dagger client install command that I learned about from a chat in the discord.

When I ran the help command on client install to learn how it works I noticed that the option --generator was still present in the help output even though the functionality was removed in this PR-10454.

This leads to a mismatch from the command's help output and actually running the command

Dagger ver...

When running the dagger client install --help command the output suggests there is a --generator option whose functionality was removed and appeared to be missed https://github.com/dagger/dagger/pull/10454.

This PR assumes the intention was to remove that flag and cleans up the code that causes it to still show up in the commands help output.

Bumps the sdk-typescript group with 15 updates in the /sdk/typescript directory:

Bumps the sdk-java group with 6 updates in the /sdk/java directory:

Bumps the docs group in /docs with 7 updates:

See #10823

A Dagger Function is written returning an array, this requires a #[ReturnsListOfType] attribute. With the attribute missing the error message received is:

 [ERROR] Dagger\ValueObject\Type should not be constructed for arrays, use                                                                                                                                                                      
         Dagger\ValueObject\ListOfType instead. If this error occurred outside   ...

Fixes https://github.com/dagger/dagger/issues/8034.

Hit this, decided to do cmd+strip, which is a fairly standard way of doing "protocol variations".

In the future, we could switch the default, but decided to pass on that change for now.

Bumps the engine group with 13 updates in the / directory:

Follow-up to https://github.com/dagger/dagger/pull/10825

Pushed as a separate PR (and in draft) so this is only published after releasing that change.

This is just a nice thing to do :tada:

We work out which contributors are external by looking at whether they're in a specific github team - any members of the maintainers tag or sdk- tag are treated as external.

Closes #10835

Users were faced with a misleading error message when returning an array from their function, but forgetting to specify its subtype.

This provides a clear message with the solution.

Shell Mode Service Object Handling Issue

Problem Statement

The Dagger shell mode cannot pass Service objects to functions that accept ServiceID parameters, specifically affecting git --experimental-service-host and http --experimental-service-host.

Technical Analysis

API Definition

The git function expects a Service object ID as defined in:

core/schema/git.go:148

type gitArgs struct {
    URL                     string
    KeepGitDir              dagql.Opti...

Fixes @helderco's comment in https://github.com/dagger/dagger/pull/10800#discussion_r2251896934.

Ooops!

Follow-up to https://github.com/dagger/dagger/pull/10722

We always should have been using --first-parent here, without that, we always get all the parents, which counts all parents of a merge commit, which isn't really useful for estimating the depth.

This is also really just a guess - it's possible that different parents can end up with different depths. This means it's theoretically possible to get the wrong results here.

Fixes https://github.com/dagger/dagger/issues/10841

Affected commands

Affected functions should only be git and http if using an object passed as a variable or direct command substitution ($(...)) because from the list of commands in .stdlib these are the only ones that accept object arguments:

• cache-volume
• container
• directory
• engine
• env
• file
• git
• host
• http
• llm
• secret
• set-secret
• version

Chained funct...

Add the capability to use the remote dagger library on the Typescript SDK.

This make possible to commit the generated client bindings and simplify overall module setup.
For backward compatibility and consistency across the various setup (local, bundle, remote), I used the import map to rename the remote dependency @dagger.io/core so the user still import the client binding with @dagger.io/dagger.

Setup remote module on Node/Bun

yarn init // bun init
yarn add @dagg...

Fixes #8520. Follow-up to https://github.com/dagger/dagger/pull/10195.

[!WARNING]

This PR is under construction! :construction_worker_woman:

This allows a module to get git information about itself - it can do this through the core Git type.

TODO:

• [ ] SDK support
  • [x] Go SDK
  • [ ] Python SDK
  • [ ] Typescript SDK
• [ ] Testing
  • [x] Local source tests
  • [ ] Git source tests through http://github.com/dagger/dagger-test-modules

This is pretty much the main reason we need our own Git implementation in version/git.go (which is slow).

See https://github.com/dagger/dagger/pull/10801 for more context.

We can implement this ourselves (with a reasonable amount of reshuffling and refactoring).

What are you trying to do?

User asked:

Another question on this .... is a --source that is a git repo a full clone? Am I supposed to have access to all the tag and metadata?

Short answer, no.

since i'm working with azure repos it complicates things. Good to know i explored all options. made it a little tricky 🙂

You can look at

dagger -M -c 'container | from alpine/git | with-workdir /a | with-exec git,clone,https://github.com/dagger/dagger,. | terminal'

vs

dagger -M -c...

Optimize performances by moving the gitIgnore loading into a dagOpWrapper internal operation so it's cached
more efficiently.

This PR follows up #10736 and apply this comment: https://github.com/dagger/dagger/pull/10736#discussion_r2254524913

Benchmarks

What is the issue?

I am using the Container Use MCP. One of my projects included a git submodule and when an agent tries to create an environment with that repo, the git SSH command fails due to not having an SSH key (it's a private gitlab repo). I dug into how Container Use works, then how it invokes dagger session to create the dagger engine docker container.

My issue is this container never gets my host's SSH auth socket mounted. Reading the Dagger docs, they claim this should happ...

Previously, cloning a repository with HTTP(S) authentication worked for the parent repo but failed for submodules because the auth header was not passed down to git submodule update. This change injects the correct http.:///.extraheader into the environment for all Git commands run by the engine, ensuring submodules receive the same credentials.

Key changes:

• Updated RemoteGitRepository.setup to add the extraheader via GIT_CONFIG_* env vars instead of only passing -c args to th...

Alpine Linux 3.22 updated their Go package from 1.24.4 to 1.24.6-r0 on 2025-08-08. This change updates the Go version constant to match the available package, fixing the build error when building the dev version of the engine:

  go-1.24.6-r0.apk disqualified because "1.24.6-r0" does not
  satisfy "go~1.24.4"

The constraint "go~1.24.4" specifically requires version 1.24.4.x, but Alpine no longer provides this version: https://pkgs.alpinelinux.org/package/v3.22/community/x...

Fixes https://github.com/dagger/dagger/issues/10696

• Change the Elixir image from hexpm/elixir to elixir which's maintained by Erlang Ecosystem Foundation Team (https://github.com/erlef/docker-elixir).
• Bump the Erlang OTP to 28

Bumps the docs group in /docs with 4 updates: docusaurus-plugin-typedoc, posthog-js, sass and typedoc.

Updates docusaurus-plugin-typedoc from 1.4.1 to 1.4.2

Changelog
Sourced from docusaurus-plugin-typedoc's changelog.

1.4.2 (2025-08-04)
Patch Changes

Fix error when () ...

Bumps the engine group with 18 updates in the / directory:

Bumps the sdk-java group with 7 updates in the /sdk/java directory:

What are you trying to do?

I am currently building an experimental Continuous Delivery (CD) pipeline using Dagger to release software & configuration changes to our CDN platform. This requires taking multiple inputs, such as the details of the person making the change, the artefacts to release (packages & versions, configuration changes) and the list of targets (physical machines) to deploy the changes onto. This input data must be validated, and is stored beyond the lifetime of the Dagg...

Pretty much this:

https://github.com/dagger/dagger/blob/40dba8d312c76caed679a9ba952048c52c96a259/core/git.go#L789-L794

Problems:

• Bad caching. If a submodule A is already in the cache as repo A, we won't actually clone after that.
• Weird auth. See https://github.com/dagger/dagger/pull/10855#discussion_r2266427963. We should be able to configure auth for submodules.
• Inflexible. While we can configure the --depth of a clone, we can't do this for submodules - we always go to ...

What happened? What did you expect to happen?

I'd like to get confirmation if it is or not, per discussion with @jpadams last week.
If it's a problem then there is likely a bug to report based on our discussion caused by a combination of someone running ECI and a dagger command overwriting content in the .git directory that probably needs to be added.

https://docs.docker.com/enterprise/security/hardened-desktop/enhanced-container-isolation/

With the ability to get a Dagger Cloud trace URL from the Dagger client, its now possible to attach the current session as in-toto attestation evidence on an artifact produced from your Dagger function.

This is created from the in-toto predicate template

This markdown file once on main will be pointed to by the URL https://dagger.io/evidence/trace-url/v1

An example use case for this predicate t...

What are you trying to do?

For local testing we use the serve functionallity. One of our containers stores a SQLite DB file and writes that to a mounted directory. With docker compose this file was then available and persisted at the mounted directory. With daggers withMountedDirectory nothing is written to the mounted directory.
The docs state as much:

any changes to mounted files and/or directories will only be reflected in the target directory and not in the mount sources

I wish th...

Depends on #10723.

What is the issue?

A trailing slash is commonly used in .gitignore files to ignore complete folders. In one of my projects, I have the following lines to ignore all build directories:

# Ignore build directories
build*/

In the same project, I have a file as part of my Dagger module under .dagger/build.go. Recent versions of Dagger appear to have an issue where this file is ignored when running the module as shown below. The problem can be mitigated by renaming the file, but it...

Sparked by a bug reported by @jasonmccallister.

1. Essentially, not every SDK supports generating/displaying sourcemaps, so these fields must be nullable.
2. We weren't displaying sourcemaps for modules loaded from directories / git (we were only doing local).
   • We can very reasonably display for these cases.
   • We just need to construct an HTML URL!

Fixes https://github.com/dagger/dagger/issues/10868

Oops. My bad.

go 1.25 release notes: https://go.dev/doc/go1.25

• Propose rule in style guide for capitalization
• Update text to match proposed style rule
• Add back missing link to engine config schema
• Update reference overview page to be in sync with latest nav changes

• Propose rule in style guide for capitalization
• Update text to match proposed style rule
• Add back missing link to engine config schema
• Update reference overview page to be in sync with latest nav changes

By using the -E flag, or the E hotkey, we can enter a special TUI no-exit state.

While in this state, even after the dagger operation is completed, we keep the TUI open and running. However, previously, we were completely shutting down the session and the telemetry.

For some interesting future operations (e.g. #10867), we want to defer these callbacks until we're quitting the TUI completely - we want to keep an active client as long as the TUI is running in some form :smile:

This is a HUGE PR resulting from a bunch of experiments that sort of blended from one to another. (Sorry... again. I'll split this up after my wedding. :sweat_smile:)

The big things:

• Env now has a filesystem, which automatically propagates between tool calls and gets re-hydrated as contextual args to modules
• LLM now supports MCP servers (in other words, LLM is an MCP client), which also run with the same filesystem, and even propagate changes out to subsequent tool calls
  *...

Close #8558

Adds two tests for constructors in PHP modules:

1. Asserts it receives arguments to the constructor method correctly.
2. Asserts it can manipulate arguments inside the constructor body correctly.

I also added a .gitignore for php test data so that I don't have to keep manually deleting READMEs and such.

See https://github.com/netty/netty/security/advisories/GHSA-prj3-ccx8-p6x4

This PR moves files and directories to reflect the final agreed navigation for the site. The intent is to arrange the filesystem logically and make it easier to locate specific pages using the public URL.

There are a lot of files in this PR, however the majority of the diff is physical movement rather than content update.

What is the issue?

Specifying $HOME environment variable in some Container.With* method does not expand the environment variable to what it's pointing to, despite the environment variable being defined in the container.

Is this a bug or is there something I am misunderstanding?

I am working around this by just writing out the path to $HOME, so it's not the end of the world, but it's an annoyance.

Dagger version

dagger v0.18.14 (docker-image://registry.dagger.io/engine:v0.18...

What are you trying to do?

SDK's can now implicitly expose a "getter" function on properties: https://docs.dagger.io/api/state/

The PHP SDK will want to implement this for feature parity.

Why is this important to you?

Feature parity with other SDKs.

Reduce boilerplate code for getters.

How are you currently working around this?

Write fully fledged DaggerFunctions like this:

#[DaggerFunction]
public function getFoo(): Foo
{
    return $this->foo;
}

Implements my suggestion in https://github.com/dagger/dagger/issues/10868#issuecomment-3183991570.

We remove the original approach from https://github.com/dagger/dagger/pull/10736, which attempts to convert gitignore-style patterns into dockerignore-style patterns (supported by buildkit, which uses mobypatternmatcher). Instead, we add a gitignoreFS, which creates a filtered FS in the style of filterFS, but that automatically extracts gitignore filters from .gitignore files in the...

Hello,

We have started seeing this issue when using the python sdk (as an app, not a dagger module):

dagger.ClientConnectionError: Failed to establish client connection to the Dagger session: Failed to build schema from introspection query: Unknown argument "includeDeprecated" on field "__Field.args".

I believe it is due to a recent release in the gql python library.

I have forced the version of gql to `3.5....

The problem: public repositories must expose their credentials if they wish to send telemetry Dagger Cloud. We expose our DAGGER_CLOUD_TOKEN in this repository. Since its only telemetry we don't worry much. But as we introduce compute-related features its critical that we have a secure mechanism to authenticate against api.dagger.cloud without exposing sensitive credentials.

To fix this issue we implement an OIDC authentication flow against our cloud API. To use this mechanism users need t...

Summary

Fixes a critical build failure in the TypeScript SDK caused by a missing OpenTelemetry Jaeger exporter dependency. The @opentelemetry/sdk-node package dynamically imports @opentelemetry/exporter-jaeger but this dependency was not included in the package.json, causing webpack and other bundlers to fail during build.

Problem

Projects consuming @dagger.io/dagger would encounter the following build error:

Module not found: Can't resolve '@opentelemetry/exporter-jaeg...

Fixes https://github.com/dagger/dagger/issues/10885.

We need to release this ASAP.

Additional fix for https://github.com/dagger/dagger/issues/10885.

See the graphql spec at https://github.com/graphql/graphql-spec/blob/main/spec/Section 4 -- Introspection.md

Somehow, we weren't supporting the includeDeprecated arg in all the required places. This probably appeared when we did the original import into dagql, but until gql 4.0.0, no graphql client was actually querying these fields.

Reverts both https://github.com/dagger/dagger/pull/10736 and https://github.com/dagger/dagger/pull/10853.

There's a fairly bug in the pattern conversion approach: https://github.com/dagger/dagger/issues/10868. It's not immediately obvious that it is at all fixable with the current approach, and I think more major refactoring in the form of https://github.com/dagger/dagger/pull/10883 is actually required.

However, the original author of the original patch is currently on PTO (and my re...

Bumps the docs group in /docs with 4 updates: posthog-js, typedoc-plugin-markdown, @types/node and markdownlint-cli.

Updates posthog-js from 1.259.0 to 1.260.1

Release notes
Sourced from posthog-js's releases.

posthog-js@1....

Bumps the sdk-java group in /sdk/java with 3 updates: io.netty:netty-common, io.netty:netty-handler and org.mockito:mockito-core.

Updates io.netty:netty-common from 4.2.3.Final to 4.2.4.Final

Commits

7fefa5a [maven-release-plugin] prepare release netty-4.2.4.Final
350da87 Merge commit from fork
817bab1 Add support for SOCKS5 private authentication methods (RFC#1928) (#15470)
c4ac661 ...

Bumps the sdk-typescript group in /sdk/typescript with 17 updates:

Bumps the sdk-elixir group in /sdk/elixir with 1 update: ex_doc.

Updates ex_doc from 0.38.2 to 0.38.3

Changelog
Sourced from ex_doc's changelog.

v0.38.3 (2025-08-17)

Enhancements

Allow configuring autocomplete limit, and default it to 10 instead of 8
Display description text in docs groups
Load discovered makeup apps for CLI

Commits

0630c3c Release v0.38.3
8ba731c Bump tmp from 0.2.1 to 0.2.4 in /assets (#2139)
6f032c4 Load discovered mak...

Live development proposal

This is an mega attempt to solve #6990 - our most upvoted issue in the backlog.

It's a big issue, and there's lot of different use-cases, proposed solutions, and prototypes. This is an attempt to unbundle all this, and try and address each use case - and importantly, plot a plan going forward. The idea isn't to plan every detail, but to agree on a general destina...

Woo, I'm really smart. Introduced this in #10714.

What is the issue?

The Python SDK documentation here: https://dagger-io.readthedocs.io/en/sdk-python-v0.18.14/

Links to the archive documentation. Once we publish the new docs structure, we should make sure these links are updated to the new location on the docs.

What is the issue?

The Typescript documentation published to https://www.npmjs.com/package/@dagger.io/dagger points to an old archive version of the docs.

Once the new docs structure is published live, we should update this to point to the right location in the new docs.

Just bring back the stderr scanning :cry:

Follow up to: https://github.com/dagger/dagger/pull/10896

What are you trying to do?

Problem

Currently, the with helper in the Container type has the following signature:

with = (arg: (param: Container) => Container)

This makes it quite cumbersome to implement something like this:

dag.container()
.from("foo")
.with(retries(["mix","test"],5))
.exitCode()

Since retries needs to be able to await on the container to validate the execution.

Solution

Implement a with helper which allows passing an async func...

Don't think there's any reason NOT to do this, helps to have the debug listeners set up before you know you need'em (e.g. a deadlock).

• avoid using names since names aren't actually exposed, LLM may confuse
  for filenames
• don't be over-precise for withEnvVariable tool naming convention

Signed-off-by: Alex Suraci

Bumps the sdk-java group with 2 updates in the /sdk/java directory: io.vertx:vertx-web-client and org.mockito:mockito-core.

Updates io.vertx:vertx-web-client from 4.5.18 to 5.0.3

Commits

5af8f1e Releasing 5.0.3
c38d62e Set next snapshot version
035c5da Releasing 5.0.2
58cc745 Documentation must indicate when a BodyHandler is required (#2759) (#2760)
50f2e9e Set next snapshot version
ee50828 Releasing 5.0.1
f0ba...

This option got dropped during driver refactoring, which seems to have caused engine start in CI to fail >50% of the time due to sed: write error when the engine tries to setup cgroups during its entrypoint.

• https://github.com/dagger/dagger/issues/7785

Previously that would happen, the engine would restart and then succeed since the sed error is ephemeral. However, without the option the engine just never starts.

This change just re-adds that to the docker run command line.

• [ ] Bikeshed API changes

Changes

• Env now has a filesystem, which automatically propagates between tool calls and gets re-hydrated as contextual args to modules
• LLM now supports MCP servers (in other words, LLM is an MCP client), which also run with the same filesystem, and even propagate changes out to subsequent tool calls
• LLM now captures and displays logs in each tool call response (supersedes #10768)
• LLM now exposes its tools in "dynamic mode" by default,...

Some services (like the containerd service) only listen on unix sockets. We don't really support those, all our services are tcp/udp networked.

[!NOTE]

To workaround, we're doing something like: https://github.com/dagger/dagger/blob/28043bb7c21924d5e0663abf6ef3a2b8e8591f6c/core/integration/provision_test.go#L337-L344

We put the unix socket into a CacheVolume, and then mount it in both the server and the client.

This "works", but 1. is hacky, and 2. doesn't support useful feat...

What is the issue?

Currently DefaultPath for Files will load the entire directory containing the file and then select the file from it https://github.com/dagger/dagger/blob/v0.18.16/core/modfunc.go#L644
So Host().Directory(dir).File(file)

This is surprising when that directory is large and takes a long time when we only want one file

The desired behavior is
Host().File(file)
or if we must load the directory for some reason,
Host.Directory(dir, include:file).File(file)