docker · mohithshuka · Apr 9, 2026 · Apr 11, 2026 · Apr 12, 2026 · Apr 17, 2026
diff --git a/cli/command/container/cp.go b/cli/command/container/cp.go
@@ -159,7 +159,7 @@ container source to stdout.`,
 
 	flags := cmd.Flags()
 	flags.BoolVarP(&opts.followLink, "follow-link", "L", false, "Always follow symbol link in SRC_PATH")
-	flags.BoolVarP(&opts.copyUIDGID, "archive", "a", false, "Archive mode (copy all uid/gid information)")
+	flags.BoolVarP(&opts.copyUIDGID, "archive", "a", false, "Archive mode (preserve uid/gid from source when copying to container)")
 	flags.BoolVarP(&opts.quiet, "quiet", "q", false, "Suppress progress output during copy. Progress output is automatically suppressed if no terminal is attached")
 	return cmd
 }

diff --git a/cli/command/container/opts.go b/cli/command/container/opts.go
@@ -504,6 +504,11 @@ func parse(flags *pflag.FlagSet, copts *containerOptions, serverOS string) (*con
 	}
 
 	// collect all the environment variables for the container
+	for _, ef := range copts.envFile.GetSlice() {
+    if _, err := os.Stat(ef); os.IsNotExist(err) {
+        return nil, fmt.Errorf("env file not found: %s", ef)
+    }
+	}	
 	envVariables, err := opts.ReadKVEnvStrings(copts.envFile.GetSlice(), copts.env.GetSlice())
 	if err != nil {
 		return nil, err

diff --git a/cli/command/formatter/container.go b/cli/command/formatter/container.go
@@ -364,6 +364,24 @@ func DisplayablePorts(ports []container.PortSummary) string {
 	var result []string
 	var hostMappings []string
 	var groupMapKeys []string
+
+	// Pre-pass: record which (hostPort, privatePort, proto) tuples have an
+	// IPv4 wildcard (0.0.0.0) binding. Used below to suppress the matching
+	// IPv6 wildcard (::) entry, avoiding duplicate output such as:
+	//   0.0.0.0:8080->80/tcp, :::8080->80/tcp
+	// See: https://github.com/docker/cli/issues/6869
+	type mappingKey struct {
+		hostPort    uint16
+		privatePort uint16
+		proto       string
+	}
+	ipv4Bindings := make(map[mappingKey]bool)
+	for _, port := range ports {
+		if port.IP.String() == "0.0.0.0" && port.PublicPort != 0 {
+			ipv4Bindings[mappingKey{port.PublicPort, port.PrivatePort, port.Type}] = true
+		}
+	}
+
 	sort.Slice(ports, func(i, j int) bool {
 		return comparePorts(ports[i], ports[j])
 	})
@@ -373,6 +391,18 @@ func DisplayablePorts(ports []container.PortSummary) string {
 		portKey := port.Type
 		if port.IP.IsValid() {
 			if port.PublicPort != current {
+				// Suppress the IPv6 wildcard entry when an IPv4 wildcard
+				// entry already covers the same (hostPort, privatePort, proto)
+				// tuple. This merges:
+				//   0.0.0.0:8080->80/tcp, :::8080->80/tcp
+				// into the cleaner:
+				//   0.0.0.0:8080->80/tcp
+				if port.IP.Is6() && !port.IP.Is4In6() && port.IP.IsUnspecified() {
+					key := mappingKey{port.PublicPort, port.PrivatePort, port.Type}
+					if ipv4Bindings[key] {
+						continue
+					}
+				}
 				hAddrPort := net.JoinHostPort(port.IP.String(), strconv.Itoa(int(port.PublicPort)))
 				hostMappings = append(hostMappings, fmt.Sprintf("%s->%d/%s", hAddrPort, port.PrivatePort, port.Type))
 				continue
@@ -435,4 +465,4 @@ func comparePorts(i, j container.PortSummary) bool {
 	}
 
 	return i.Type < j.Type
-}
+}
diff --git a/cli/command/image/list.go b/cli/command/image/list.go
@@ -176,7 +176,7 @@ func shouldUseTree(options imagesOptions) (bool, error) {
 
 // isDangling is a copy of [formatter.isDangling].
 func isDangling(img image.Summary) bool {
-	if len(img.RepoTags) == 0 {
+	if len(img.RepoTags) == 0 && len(img.RepoDigests) == 0 {
 		return true
 	}
 	return len(img.RepoTags) == 1 && img.RepoTags[0] == "<none>:<none>" && len(img.RepoDigests) == 1 && img.RepoDigests[0] == "<none>@<none>"

diff --git a/cli/command/volume/prune.go b/cli/command/volume/prune.go
@@ -57,7 +57,7 @@ func newPruneCommand(dockerCLI command.Cli) *cobra.Command {
 	flags.BoolVarP(&options.all, "all", "a", false, "Remove all unused volumes, not just anonymous ones")
 	flags.SetAnnotation("all", "version", []string{"1.42"})
 	flags.BoolVarP(&options.force, "force", "f", false, "Do not prompt for confirmation")
-	flags.Var(&options.filter, "filter", `Provide filter values (e.g. "label=<label>")`)
+	flags.Var(&options.filter, "filter", `Provide filter values (e.g. "label=<label>" or "label!=<label>")`)
 
 	return cmd
 }

@@ -16,7 +16,7 @@ container source to stdout.
 
 | Name                  | Type   | Default | Description                                                                                                  |
 |:----------------------|:-------|:--------|:-------------------------------------------------------------------------------------------------------------|
-| `-a`, `--archive`     | `bool` |         | Archive mode (copy all uid/gid information)                                                                  |
+| `-a`, `--archive`     | `bool` |         | Archive mode (preserve uid/gid from source when copying to container)                                        |
 | `-L`, `--follow-link` | `bool` |         | Always follow symbol link in SRC_PATH                                                                        |
 | `-q`, `--quiet`       | `bool` |         | Suppress progress output during copy. Progress output is automatically suppressed if no terminal is attached |
 

@@ -16,7 +16,7 @@ container source to stdout.
 
 | Name                  | Type   | Default | Description                                                                                                  |
 |:----------------------|:-------|:--------|:-------------------------------------------------------------------------------------------------------------|
-| `-a`, `--archive`     | `bool` |         | Archive mode (copy all uid/gid information)                                                                  |
+| `-a`, `--archive`     | `bool` |         | Archive mode (preserve uid/gid from source when copying to container)                                        |
 | `-L`, `--follow-link` | `bool` |         | Always follow symbol link in SRC_PATH                                                                        |
 | `-q`, `--quiet`       | `bool` |         | Suppress progress output during copy. Progress output is automatically suppressed if no terminal is attached |
 

@@ -334,7 +334,7 @@ container:
 | `-m`, `--memory=""`        | Memory limit (format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`. Minimum is 6M.                                                                                                                                                        |
 | `--memory-swap=""`         | Total memory limit (memory + swap, format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`.                                                                                                                                                  |
 | `--memory-reservation=""`  | Memory soft limit (format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`.                                                                                                                                                                  |
-| `--kernel-memory=""`       | Kernel memory limit (format: `<number>[<unit>]`). Number is a positive integer. Unit can be one of `b`, `k`, `m`, or `g`. Minimum is 4M.                                                                                                                                                 |
+| `--kernel-memory=""`       | **Deprecated**: Kernel memory limit. Deprecated in Docker v20.10, and removed in Docker v23.0. This option is ignored when set.                                                                                                                                                          |
 | `-c`, `--cpu-shares=0`     | CPU shares (relative weight)                                                                                                                                                                                                                                                             |
 | `--cpus=0.000`             | Number of CPUs. Number is a fractional number. 0.000 means no limit.                                                                                                                                                                                                                     |
 | `--cpu-period=0`           | Limit the CPU CFS (Completely Fair Scheduler) period                                                                                                                                                                                                                                     |
@@ -502,6 +502,15 @@ less likely to be killed, and positive scores more likely.
 
 ### Kernel memory constraints
 
+> **Deprecated**
+>
+> The `--kernel-memory` option was deprecated in Docker v20.10 and removed in
+> Docker v23.0. The Linux kernel deprecated `kmem.limit_in_bytes` in kernel
+> v5.4, and OCI runtimes such as runc no longer support this option. Docker API
+> v1.42 and later ignores this option when set. Do not use `--kernel-memory` in
+> new configurations. For more details, see the
+> [Deprecated features](https://docs.docker.com/engine/deprecated/) page.
+
 Kernel memory is fundamentally different than user memory as kernel memory can't
 be swapped out. The inability to swap makes it possible for the container to
 block system services by consuming too much kernel memory. Kernel memory includes：