Skip to content

buildkit

vdockerfile/1.24.0 Feature

This release adds 1 notable feature for engineering teams evaluating rollout.

Published 21d Build & Package
✓ No known CVEs patched
Read the diff → Tool health → What is this tool? →

✓ No known CVEs patched in this version

Topics

builder buildkit cloud-native containers docker go
+1 more
oci-image

ReleasePort's take

Light signal
editorial:auto 13d

Dockerfile v1.24.0 eliminates leakage of LABEL values when using COPY --from across build stages.

Why it matters: Patch to Dockerfile/1.24.0 immediately; the bugfix prevents unintended exposure of sensitive metadata from intermediate stage images.

Summary

AI summary

Fix LABEL leakage when using COPY --from across stages.

Changes in this release

Feature Medium

Dockerfile supports special arg definitions SOURCE_DATE_EPOCH=context and SOURCE_DATE_EPOCH=<stage>.

Dockerfile supports special arg definitions SOURCE_DATE_EPOCH=context and SOURCE_DATE_EPOCH=<stage>.

Source: llm_adapter@2026-05-21

Confidence: high
Performance Medium

History entries for `HEALTHCHECK` instructions are formatted correctly.

History entries for `HEALTHCHECK` instructions are formatted correctly.

Source: llm_adapter@2026-05-21

Confidence: low
Bugfix Medium

`LABEL` value no longer leaks from stage linked via `COPY --from`.

`LABEL` value no longer leaks from stage linked via `COPY --from`.

Source: llm_adapter@2026-05-21

Confidence: high
Full changelog

Usage

# syntax=docker.io/docker/dockerfile-upstream:1.24.0

Notable changes

  • Dockerfile now supports special arg definitions SOURCE_DATE_EPOCH=context and SOURCE_DATE_EPOCH=<stage> which set the value of SOURCE_DATE_EPOCH to the timestamp associated with the remote context or the stage respectively. When building from a Git commit, the context timestamp is the commit timestamp, and when building from a remote URL, the timestamp is resolved from the metadata of files in the TAR archive or from the Last-Modified header of the URL #6602
  • Fix issue where in some cases LABEL value could incorrectly leak from stage linked via COPY --from #6713
  • Formatting of History entries for HEALTHCHECK instructions has been fixed #6664
View diff on GitHub

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Share on X Share on Bluesky

Track buildkit

Get notified when new releases ship.

Sign up free

About buildkit

concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit

All releases →

Related context

Beta — feedback welcome: [email protected]