✓ No known CVEs patched in this version
Topics
+4 more
Affected surfaces
Summary
AI summaryUpdates v0.21.1 - 2026-05-29, What to do next?, and https://docs.dagger.io across a mixed release.
Changes in this release
| Type | Severity | Summary | CVE |
|---|---|---|---|
| Feature | Medium |
Adds native GraphQL interfaces and unified object IDs in DagQL Adds native GraphQL interfaces and unified object IDs in DagQL Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes Python SDK module registration by removing AST-based analyzer and using runtime introspection Fixes Python SDK module registration by removing AST-based analyzer and using runtime introspection Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes Go module generation to avoid unnecessary dependency churn in go.mod and go.sum files Fixes Go module generation to avoid unnecessary dependency churn in go.mod and go.sum files Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes registry authentication so withRegistryAuth credentials are not skipped and authenticated publishes continue working after anonymous pulls Fixes registry authentication so withRegistryAuth credentials are not skipped and authenticated publishes continue working after anonymous pulls Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes published image layer structure so withDirectory and withFile preserve expected layer boundaries instead of being squashed Fixes published image layer structure so withDirectory and withFile preserve expected layer boundaries instead of being squashed Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes Dockerfile RUN --mount=type=bind conversion for regular file bind sources, improving compatibility with file and directory mounts Fixes Dockerfile RUN --mount=type=bind conversion for regular file bind sources, improving compatibility with file and directory mounts Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes module source cache dependency retention, eliminating ephemeral missing shared result errors after cache persistence or engine restarts Fixes module source cache dependency retention, eliminating ephemeral missing shared result errors after cache persistence or engine restarts Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes cache entry size calculation during background and shutdown pruning Fixes cache entry size calculation during background and shutdown pruning Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes repeated 1Password secret reads by caching resolved values during a run, avoiding provider rate limits Fixes repeated 1Password secret reads by caching resolved values during a run, avoiding provider rate limits Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes Windows Changeset exports so RemovePaths cannot remove files outside the selected export root via path interpretation Fixes Windows Changeset exports so RemovePaths cannot remove files outside the selected export root via path interpretation Source: llm_adapter@2026-05-30 Confidence: high |
— |
| Bugfix | Medium |
Fixes dagger --x-release for tagged releases to download release artifacts correctly and prevent local runner environment leakage Fixes dagger --x-release for tagged releases to download release artifacts correctly and prevent local runner environment leakage Source: granite4.1:30b@2026-05-30-audit Confidence: low |
— |
Full changelog
v0.21.1 - 2026-05-29
Added
- Add native GraphQL interfaces and unified object IDs in DagQL by @vito in https://github.com/dagger/dagger/pull/12041
Dagger now exposes objects through the standardNodeinterface andIDscalar, enabling APIs to accept generic Dagger objects while preserving SDK compatibility through legacyFooIDandloadFooFromIDviews for older clients.
Fixed
- Python SDK: fix unhandled module registration cases and bugs by removing the AST-based module analyzer and returning to runtime introspection by @eunomie in https://github.com/dagger/dagger/pull/13251
- Fix Go module generation to avoid unnecessary dependency churn in generated
go.modandgo.sumfiles by @sipsma in https://github.com/dagger/dagger/pull/13244 - Fix registry authentication so
withRegistryAuthcredentials are not incorrectly skipped and authenticated publishes keep working after anonymous pulls to the same registry by @marcosnils + @sipsma in https://github.com/dagger/dagger/pull/13255 https://github.com/dagger/dagger/pull/13256 - Fix published image layer structure so
withDirectoryandwithFileoperations preserve expected layer boundaries instead of being squashed into a few large layers by @sipsma in https://github.com/dagger/dagger/pull/13242 - Fix Dockerfile
RUN --mount=type=bindconversion when the bind source selector points to a regular file, improving compatibility with file and directory bind mounts by @sipsma in https://github.com/dagger/dagger/pull/13273 - Fix module source cache dependency retention, including ephemeral
missing shared resulterrors after cache persistence or engine restarts by @sipsma in https://github.com/dagger/dagger/pull/13243 - Fix a bug where some cache entries did not have their size calculated during background and shutdown pruning by @sipsma in https://github.com/dagger/dagger/pull/13225
- Fix repeated
op://1Password secret reads by caching resolved 1Password secret values during a run, avoiding provider rate limits when the same secret is mounted or read multiple times by @matipan in https://github.com/dagger/dagger/pull/13249 - Fix Windows Changeset exports so
RemovePathsentries cannot remove files outside the selected export root through backslash or absolute-path interpretation by @marcosnils in https://github.com/dagger/dagger/pull/13222 - Fix
dagger --x-releasefor tagged releases so semver refs download release artifacts instead of looking in the main-build artifact namespace, and prevent local runner override environment from leaking into the re-executed CLI by @grouville in https://github.com/dagger/dagger/pull/13259
What to do next?
- Read the documentation
- Join our Discord server
- Follow us on Twitter
Weekly OSS security release digest.
The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.
No spam, unsubscribe anytime.
Share this release
About dagger
Automation engine to build, test and ship any codebase. Runs locally, in CI, or directly in the cloud
Beta — feedback welcome: [email protected]