engine: v28.1.0 (#22438)

<!--Delete sections as needed -->

## Description

<!-- Tell us what you did and why -->

## Related issues or tickets

<!-- Related issues, pull requests, or Jira tickets -->

## Reviews

<!-- Notes for reviewers here -->
<!-- List applicable reviews (optionally @tag reviewers) -->

- [ ] Technical review
- [ ] Editorial review
- [ ] Product review

---------

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
Co-authored-by: Allie Sadler <102604716+aevesdocker@users.noreply.github.com>
Co-authored-by: Usha Mandya <47779042+usha-mandya@users.noreply.github.com>

_vale/config/vocabularies/Docker/accept.txt

@@ -97,6 +97,7 @@ Sysbox
 Sysdig
 Testcontainers
 Traefik
+Trixie
 Ubuntu
 Unix
 VMware

_vendor/github.com/docker/cli/docs/extend/_index.md

@@ -35,31 +35,38 @@ Plugins that start successfully are listed as enabled in the output.
 After a plugin is installed, you can use it as an option for another Docker
 operation, such as creating a volume.
 
-In the following example, you install the `sshfs` plugin, verify that it is
+In the following example, you install the [`rclone` plugin](https://rclone.org/docker/), verify that it is
 enabled, and use it to create a volume.
 
 > [!NOTE]
-> This example is intended for instructional purposes only. Once the volume is
-> created, your SSH password to the remote host is exposed as plaintext when
-> inspecting the volume. Delete the volume as soon as you are done with the
-> example.
+> This example is intended for instructional purposes only.
 
-1. Install the `sshfs` plugin.
+1. Set up the pre-requisite directories. By default they must exist on the host at the following locations:
+
+   - `/var/lib/docker-plugins/rclone/config`. Reserved for the `rclone.conf` config file and must exist even if it's empty and the config file is not present.
+   - `/var/lib/docker-plugins/rclone/cache`. Holds the plugin state file as well as optional VFS caches.
+
+2. Install the `rclone` plugin.
 
    ```console
-   $ docker plugin install vieux/sshfs
+   $ docker plugin install rclone/docker-volume-rclone --alias rclone
 
-   Plugin "vieux/sshfs" is requesting the following privileges:
+   Plugin "rclone/docker-volume-rclone" is requesting the following privileges:
     - network: [host]
+    - mount: [/var/lib/docker-plugins/rclone/config]
+    - mount: [/var/lib/docker-plugins/rclone/cache]
+    - device: [/dev/fuse]
     - capabilities: [CAP_SYS_ADMIN]
-   Do you grant the above permissions? [y/N] y
-
-   vieux/sshfs
+   Do you grant the above permissions? [y/N] 
    ```
 
-   The plugin requests 2 privileges:
+   The plugin requests 5 privileges:
 
    - It needs access to the `host` network.
+   - Access to pre-requisite directories to mount to store:
+      - Your Rclone config files
+      - Temporary cache data
+   - Gives access to the FUSE (Filesystem in Userspace) device. This is required because Rclone uses FUSE to mount remote storage as if it were a local filesystem.
    - It needs the `CAP_SYS_ADMIN` capability, which allows the plugin to run
      the `mount` command.
 
@@ -68,24 +75,25 @@ enabled, and use it to create a volume.
    ```console
    $ docker plugin ls
 
-   ID                    NAME                  TAG                 DESCRIPTION                   ENABLED
-   69553ca1d789          vieux/sshfs           latest              the `sshfs` plugin            true
+   ID                    NAME                      DESCRIPTION                                ENABLED
+   aede66158353          rclone:latest             Rclone volume plugin for Docker            true
    ```
 
 3. Create a volume using the plugin.
    This example mounts the `/remote` directory on host `1.2.3.4` into a
-   volume named `sshvolume`.
+   volume named `rclonevolume`.
 
    This volume can now be mounted into containers.
 
    ```console
    $ docker volume create \
-     -d vieux/sshfs \
-     --name sshvolume \
-     -o sshcmd=user@1.2.3.4:/remote \
-     -o password=$(cat file_containing_password_for_remote_host)
-
-   sshvolume
+     -d rclone \
+     --name rclonevolume \
+     -o type=sftp \
+     -o path=remote \
+     -o sftp-host=1.2.3.4 \
+     -o sftp-user=user \
+     -o "sftp-password=$(cat file_containing_password_for_remote_host)"
    ```
 
 4. Verify that the volume was created successfully.
@@ -94,21 +102,21 @@ enabled, and use it to create a volume.
    $ docker volume ls
 
    DRIVER              NAME
-   vieux/sshfs         sshvolume
+   rclone         rclonevolume
    ```
 
-5. Start a container that uses the volume `sshvolume`.
+5. Start a container that uses the volume `rclonevolume`.
 
    ```console
-   $ docker run --rm -v sshvolume:/data busybox ls /data
+   $ docker run --rm -v rclonevolume:/data busybox ls /data
 
    <content of /remote on machine 1.2.3.4>
    ```
 
-6. Remove the volume `sshvolume`
+6. Remove the volume `rclonevolume`
 
    ```console
-   $ docker volume rm sshvolume
+   $ docker volume rm rclonevolume
 
    sshvolume
    ```

_vendor/github.com/moby/moby/docs/api/v1.44.yaml

@@ -9647,13 +9647,9 @@ paths:
 
         ### Image tarball format
 
-        An image tarball contains one directory per image layer (named using its long ID), each containing these files:
+        An image tarball contains [Content as defined in the OCI Image Layout Specification](https://github.com/opencontainers/image-spec/blob/v1.1.1/image-layout.md#content).
 
-        - `VERSION`: currently `1.0` - the file format version
-        - `json`: detailed layer information, similar to `docker inspect layer_id`
-        - `layer.tar`: A tarfile containing the filesystem changes in this layer
-
-        The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories for storing attribute changes and deletions.
+        Additionally, includes the manifest.json file associated with a backwards compatible docker save format.
 
         If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs.
 

_vendor/github.com/moby/moby/docs/api/v1.45.yaml

@@ -9627,13 +9627,9 @@ paths:
 
         ### Image tarball format
 
-        An image tarball contains one directory per image layer (named using its long ID), each containing these files:
+        An image tarball contains [Content as defined in the OCI Image Layout Specification](https://github.com/opencontainers/image-spec/blob/v1.1.1/image-layout.md#content).
 
-        - `VERSION`: currently `1.0` - the file format version
-        - `json`: detailed layer information, similar to `docker inspect layer_id`
-        - `layer.tar`: A tarfile containing the filesystem changes in this layer
-
-        The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories for storing attribute changes and deletions.
+        Additionally, includes the manifest.json file associated with a backwards compatible docker save format.
 
         If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs.
 

_vendor/github.com/moby/moby/docs/api/v1.46.yaml

@@ -9761,13 +9761,9 @@ paths:
 
         ### Image tarball format
 
-        An image tarball contains one directory per image layer (named using its long ID), each containing these files:
+        An image tarball contains [Content as defined in the OCI Image Layout Specification](https://github.com/opencontainers/image-spec/blob/v1.1.1/image-layout.md#content).
 
-        - `VERSION`: currently `1.0` - the file format version
-        - `json`: detailed layer information, similar to `docker inspect layer_id`
-        - `layer.tar`: A tarfile containing the filesystem changes in this layer
-
-        The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories for storing attribute changes and deletions.
+        Additionally, includes the manifest.json file associated with a backwards compatible docker save format.
 
         If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs.
 

_vendor/github.com/moby/moby/docs/api/v1.47.yaml

@@ -9902,13 +9902,9 @@ paths:
 
         ### Image tarball format
 
-        An image tarball contains one directory per image layer (named using its long ID), each containing these files:
+        An image tarball contains [Content as defined in the OCI Image Layout Specification](https://github.com/opencontainers/image-spec/blob/v1.1.1/image-layout.md#content).
 
-        - `VERSION`: currently `1.0` - the file format version
-        - `json`: detailed layer information, similar to `docker inspect layer_id`
-        - `layer.tar`: A tarfile containing the filesystem changes in this layer
-
-        The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories for storing attribute changes and deletions.
+        Additionally, includes the manifest.json file associated with a backwards compatible docker save format.
 
         If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs.
 

_vendor/github.com/moby/moby/docs/api/v1.48.yaml

@@ -10491,13 +10491,9 @@ paths:
 
         ### Image tarball format
 
-        An image tarball contains one directory per image layer (named using its long ID), each containing these files:
+        An image tarball contains [Content as defined in the OCI Image Layout Specification](https://github.com/opencontainers/image-spec/blob/v1.1.1/image-layout.md#content).
 
-        - `VERSION`: currently `1.0` - the file format version
-        - `json`: detailed layer information, similar to `docker inspect layer_id`
-        - `layer.tar`: A tarfile containing the filesystem changes in this layer
-
-        The `layer.tar` file contains `aufs` style `.wh..wh.aufs` files and directories for storing attribute changes and deletions.
+        Additionally, includes the manifest.json file associated with a backwards compatible docker save format.
 
         If the tarball defines a repository, the tarball should also include a `repositories` file at the root that contains a list of repository and tag names mapped to layer IDs.
 
@@ -10537,6 +10533,7 @@ paths:
             If not provided, the full multi-platform image will be saved.
 
             Example: `{"os": "linux", "architecture": "arm", "variant": "v5"}`
+      tags: ["Image"]
   /images/get:
     get:
       summary: "Export several images"
@@ -10571,6 +10568,16 @@ paths:
           type: "array"
           items:
             type: "string"
+        - name: "platform"
+          type: "string"
+          in: "query"
+          description: |
+            JSON encoded OCI platform describing a platform which will be used
+            to select a platform-specific image to be saved if the image is
+            multi-platform.
+            If not provided, the full multi-platform image will be saved.
+
+            Example: `{"os": "linux", "architecture": "arm", "variant": "v5"}`
       tags: ["Image"]
   /images/load:
     post:

_vendor/github.com/moby/moby/docs/api/version-history.md

@@ -13,6 +13,23 @@ keywords: "API, Docker, rcli, REST, documentation"
      will be rejected.
 -->
 
+## v1.49 API changes
+
+[Docker Engine API v1.49](https://docs.docker.com/reference/api/engine/version/v1.49/) documentation
+
+* `GET /images/{name}/json` now supports a `platform` parameter (JSON
+  encoded OCI Platform type) allowing to specify a platform of the multi-platform
+  image to inspect.
+  This option is mutually exclusive with the `manifests` option.
+* `GET /info` now returns a `FirewallBackend` containing information about
+  the daemon's firewalling configuration.
+* Deprecated: The  `AllowNondistributableArtifactsCIDRs` and `AllowNondistributableArtifactsHostnames`
+  fields in the `RegistryConfig` struct in the `GET /info` response are omitted
+  in API v1.49.
+* Deprecated: The `ContainerdCommit.Expected`, `RuncCommit.Expected`, and
+  `InitCommit.Expected` fields in the `GET /info` endpoint were deprecated
+  in API v1.48, and are now omitted in API v1.49.
+
 ## v1.48 API changes
 
 [Docker Engine API v1.48](https://docs.docker.com/reference/api/engine/version/v1.48/) documentation

_vendor/modules.txt

@@ -1,6 +1,6 @@
-# github.com/moby/moby v28.0.2+incompatible
+# github.com/moby/moby v28.1.0-rc.2+incompatible
 # github.com/moby/buildkit v0.21.0
 # github.com/docker/buildx v0.23.0
-# github.com/docker/cli v28.0.4+incompatible
+# github.com/docker/cli v28.1.0-rc.2+incompatible
 # github.com/docker/compose/v2 v2.35.0
 # github.com/docker/scout-cli v1.15.0

content/manuals/engine/release-notes/28.md

@@ -13,6 +13,7 @@ aliases:
 - /release-notes/docker-ce/
 - /release-notes/docker-engine/
 - /engine/release-notes/28.0/
+- /engine/release-notes/28.1/
 ---
 
 This page describes the latest changes, additions, known issues, and fixes for Docker Engine version 28.
@@ -22,6 +23,78 @@ For more information about:
 - Deprecated and removed features, see [Deprecated Engine Features](../deprecated.md).
 - Changes to the Engine API, see [Engine API version history](/reference/api/engine/version-history.md).
 
+## 28.1.0
+
+{{< release-date date="2025-04-17" >}}
+
+For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
+
+- [docker/cli, 28.1.0 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A28.1.0)
+- [moby/moby, 28.1.0 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A28.1.0)
+
+### New
+
+- Add `docker bake` sub-command as alias for `docker buildx bake`. [docker/cli#5947](https://github.com/docker/cli/pull/5947)
+- Experimental: add a new `--use-api-socket` flag on `docker run` and `docker create` to enable access to Docker socket from inside a container and to share credentials from the host with the container. [docker/cli#5858](https://github.com/docker/cli/pull/5858)
+- `docker image inspect` now supports a `--platform` flag to inspect a specific platform of a multi-platform image. [docker/cli#5934](https://github.com/docker/cli/pull/5934)
+
+### Bug fixes and enhancements
+
+- Add CLI shell-completion for context names. [docker/cli#6016](https://github.com/docker/cli/pull/6016)
+- Fix `docker images --tree` not including non-container images content size in the total image content size. [docker/cli#6000](https://github.com/docker/cli/pull/6000)
+- Fix `docker load` not preserving replaced images. [moby/moby#49650](https://github.com/moby/moby/pull/49650)
+- Fix `docker login` hints when logging in to a custom registry. [docker/cli#6015](https://github.com/docker/cli/pull/6015)
+- Fix `docker stats` not working properly on machines with high CPU core count. [moby/moby#49734](https://github.com/moby/moby/pull/49734)
+- Fix a regression causing `docker pull/push` to fail when interacting with a private repository. [docker/cli#5964](https://github.com/docker/cli/pull/5964)
+- Fix an issue preventing rootless Docker setup on a host with no `ip_tables` kernel module. [moby/moby#49727](https://github.com/moby/moby/pull/49727)
+- Fix an issue that could lead to unwanted iptables rules being restored and never deleted following a firewalld reload. [moby/moby#49728](https://github.com/moby/moby/pull/49728)
+- Improve CLI completion of `docker service scale`. [docker/cli#5968](https://github.com/docker/cli/pull/5968)
+- `docker images --tree` now hides both untagged and dangling images by default. [docker/cli#5924](https://github.com/docker/cli/pull/5924)
+- `docker system info` will provide an exit code if a connection cannot be established to the Docker daemon. [docker/cli#5918](https://github.com/docker/cli/pull/5918)
+- containerd image store: Fix `image tag` event not being emitted when building with BuildKit. [moby/moby#49678](https://github.com/moby/moby/pull/49678)
+- containerd image store: Improve `docker push/pull` handling of remote registry errors. [moby/moby#49770](https://github.com/moby/moby/pull/49770)
+- containerd image store: Show pull progress for non-layer image blobs. [moby/moby#49746](https://github.com/moby/moby/pull/49746)
+
+### Packaging updates
+
+- Add Debian "Trixie" packages. [docker/docker-ce-packaging#1181](https://github.com/docker/docker-ce-packaging/pull/1181)
+- Add Fedora 42 packages. [docker/containerd-packaging#418](https://github.com/docker/containerd-packaging/pull/418), [docker/docker-ce-packaging#1169](https://github.com/docker/docker-ce-packaging/pull/1169)
+- Add Ubuntu 25.04 "Plucky Puffin" packages. [docker/containerd-packaging#419](https://github.com/docker/containerd-packaging/pull/419), [docker/docker-ce-packaging#1177](https://github.com/docker/docker-ce-packaging/pull/1177)
+- Update BuildKit to [v0.21.0](https://github.com/moby/buildkit/releases/tag/v0.21.0). [moby/moby#49809](https://github.com/moby/moby/pull/49809)
+- Update Compose to [v2.35.0](https://github.com/docker/compose/releases/tag/v2.35.0). [docker/docker-ce-packaging#1183](https://github.com/docker/docker-ce-packaging/pull/1183)
+- Update Go runtime to [1.23.8](https://go.dev/doc/devel/release#go1.23.8). [docker/cli#5986](https://github.com/docker/cli/pull/5986), [docker/docker-ce-packaging#1180](https://github.com/docker/docker-ce-packaging/pull/1180), [moby/moby#49737](https://github.com/moby/moby/pull/49737)
+
+### Networking
+
+- Fix a bug causing host port-mappings on Swarm containers to be duplicated on `docker ps` and `docker inspect`. [moby/moby#49724](https://github.com/moby/moby/pull/49724)
+- Fix an issue that caused container network attachment to fail with error "Bridge port not forwarding". [moby/moby#49705](https://github.com/moby/moby/pull/49705)
+- Fix an issue with removal of a `--link` from a container in the default bridge network. [moby/moby#49778](https://github.com/moby/moby/pull/49778)
+- Improve how network-endpoint relationships are tracked to reduce the chance of the "has active endpoints" error to be wrongfully returned. [moby/moby#49736](https://github.com/moby/moby/pull/49736)
+- Improve the "has active endpoints" error message by including the name of endpoints still connected to the network being deleted. [moby/moby#49773](https://github.com/moby/moby/pull/49773)
+
+### API
+
+- Update API version to [v1.49](https://docs.docker.com/engine/api/v1.49/). [moby/moby#49718](https://github.com/moby/moby/pull/49718)
+- `GET /image/{name}/json` now supports a `platform` parameter allowing to specify which platform variant of a multi-platform image to inspect. [moby/moby#49586](https://github.com/moby/moby/pull/49586)
+- `GET /info` now returns a `FirewallBackend` containing information about the daemon's firewalling configuration. [moby/moby#49761](https://github.com/moby/moby/pull/49761)
+
+### Go SDK
+
+- Update minimum required Go version to go1.23. [docker/cli#5868](https://github.com/docker/cli/pull/5868)
+- cli/command/context: remove temporary `ContextType` field from JSON output. [docker/cli#5981](https://github.com/docker/cli/pull/5981)
+- client: Keep image references in canonical format where possible. [moby/moby#49609](https://github.com/moby/moby/pull/49609)
+
+### Deprecations
+
+- API: Deprecated `AllowNondistributableArtifactsCIDRs` and `AllowNondistributableArtifactsHostnames` fields in the `RegistryConfig` struct in the `GET /info` response are omitted in API v1.49. [moby/moby#49749](https://github.com/moby/moby/pull/49749)
+- API: Deprecated: The `ContainerdCommit.Expected`, `RuncCommit.Expected`, and `InitCommit.Expected` fields in the `GET /info` endpoint were deprecated in API v1.48, and are now omitted in API v1.49. [moby/moby#48556](https://github.com/moby/moby/pull/48556)
+- Go-SDK: cli/command/image: Deprecate `RunPull`: this function was only used internally and will be removed in the next release. [docker/cli#5975](https://github.com/docker/cli/pull/5975)
+- Go-SDK: cli/config/configfile: deprecate `ConfigFile.Experimental` field. Experimental CLI features are always enabled since version v20.10 and this field is no longer used. Use `ConfigFile.Features` instead for optional features. This field will be removed in a future release. [docker/cli#5977](https://github.com/docker/cli/pull/5977)
+- Go-SDK: deprecate `pkg/archive`, which was migrated to `github.com/moby/go-archive`. [moby/moby#49743](https://github.com/moby/moby/pull/49743)
+- Go-SDK: deprecate `pkg/atomicwriter`, which was migrated to `github.com/moby/sys/atomicwriter`. [moby/moby#49748](https://github.com/moby/moby/pull/49748)
+- Go-SDK: opts: remove deprecated `PortOpt`, `ConfigOpt`, `SecretOpt` aliases. [docker/cli#5953](https://github.com/docker/cli/pull/5953)
+- Go-SDK: registry: deprecate `APIEndpoint.Official` field. [moby/moby#49706](https://github.com/moby/moby/pull/49706)
+
 ## 28.0.4
 
 {{< release-date date="2025-03-25" >}}

content/reference/api/engine/version/v1.48.md

@@ -3,6 +3,4 @@ linkTitle: v1.48
 title: Docker Engine API v1.48 reference
 aliases:
   - /engine/api/v1.48/
-  - /engine/api/latest/
-  - /reference/api/engine/latest/
 ---

content/reference/api/engine/version/v1.49.md

@@ -0,0 +1,8 @@
+---
+linkTitle: v1.49
+title: Docker Engine API v1.49 reference
+aliases:
+  - /engine/api/v1.49/
+  - /engine/api/latest/
+  - /reference/api/engine/latest/
+---

go.mod

@@ -6,18 +6,18 @@ toolchain go1.24.1
 
 require (
 	github.com/docker/buildx v0.23.0 // indirect
-	github.com/docker/cli v28.0.4+incompatible // indirect
+	github.com/docker/cli v28.1.0-rc.2+incompatible // indirect
 	github.com/docker/compose/v2 v2.35.0 // indirect
 	github.com/docker/scout-cli v1.15.0 // indirect
 	github.com/moby/buildkit v0.21.0 // indirect
-	github.com/moby/moby v28.0.2+incompatible // indirect
+	github.com/moby/moby v28.1.0-rc.2+incompatible // indirect
 )
 
 replace (
 	github.com/docker/buildx => github.com/docker/buildx v0.23.0
-	github.com/docker/cli => github.com/docker/cli v28.0.2+incompatible
+	github.com/docker/cli => github.com/docker/cli v28.1.0-rc.2+incompatible
 	github.com/docker/compose/v2 => github.com/docker/compose/v2 v2.35.0
 	github.com/docker/scout-cli => github.com/docker/scout-cli v1.15.0
 	github.com/moby/buildkit => github.com/moby/buildkit v0.20.0
-	github.com/moby/moby => github.com/moby/moby v28.0.2+incompatible
+	github.com/moby/moby => github.com/moby/moby v28.1.0-rc.2+incompatible
 )

go.sum

@@ -164,6 +164,8 @@ github.com/docker/cli v28.0.1+incompatible h1:g0h5NQNda3/CxIsaZfH4Tyf6vpxFth7PYl
 github.com/docker/cli v28.0.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/cli v28.0.2+incompatible h1:cRPZ77FK3/IXTAIQQj1vmhlxiLS5m+MIUDwS6f57lrE=
 github.com/docker/cli v28.0.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
+github.com/docker/cli v28.1.0-rc.2+incompatible h1:BDhiR2nacubawpKAWFLqZmjGkARWPtYmUmy5gg4k/f8=
+github.com/docker/cli v28.1.0-rc.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/compose-cli v1.0.35 h1:uZyEHLalfqBS2PiTpA1LAULyJmuQ+YtZg7nG4Xl3/Cc=
 github.com/docker/compose-cli v1.0.35/go.mod h1:mSXI4hFLpRU3EtI8NTo32bNwI0UXSr8jnq+/rYjGAUU=
 github.com/docker/compose/v2 v2.22.0 h1:3rRz4L7tPU75wRsV8JZh2/aTgerQvPa1cpzZN+tHqUY=
@@ -410,6 +412,8 @@ github.com/moby/moby v28.0.1+incompatible h1:10ejBTwFhM3/9p6pSaKrLyXnx7QzzCmCYHA
 github.com/moby/moby v28.0.1+incompatible/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc=
 github.com/moby/moby v28.0.2+incompatible h1:CZfEXXYP3TYmdaYw4llMj7NIHA++tQzDiPk8mtryjL4=
 github.com/moby/moby v28.0.2+incompatible/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc=
+github.com/moby/moby v28.1.0-rc.2+incompatible h1:F9Ku4A7eCFvb9cYR/jk7sLC6U9+r2u4vzjwZQzv/EQc=
+github.com/moby/moby v28.1.0-rc.2+incompatible/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc=
 github.com/moby/sys/symlink v0.1.0/go.mod h1:GGDODQmbFOjFsXvfLVn3+ZRxkch54RkSiGqsZeMYowQ=
 github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
 github.com/morikuni/aec v1.0.0/go.mod h1:BbKIizmSmc5MMPqRYbxO4ZU0S0+P200+tUnFx7PXmsc=

hugo.yaml

@@ -132,16 +132,16 @@ params:
   # Use `grep` to figure out how they might be used.
 
   # Latest version of the Docker Engine API
-  latest_engine_api_version: "1.48"
+  latest_engine_api_version: "1.49"
   # Latest version of Docker Engine
-  docker_ce_version: "28.0.4"
+  docker_ce_version: "28.1.0"
   # Previous version of the Docker Engine
   # (Used to show e.g., "latest" and "latest"-1 in engine install examples
-  docker_ce_version_prev: "28.0.3"
+  docker_ce_version_prev: "28.0.4"
   # Latest Docker Compose version
   compose_version: "v2.35.0"
   # Latest BuildKit version
-  buildkit_version: "0.20.2"
+  buildkit_version: "0.21.0"
 
   # Example runtime/library/os versions
   example_go_version: "1.23"