From 15e67a3407921fbfc83807c7388be49d517f7704 Mon Sep 17 00:00:00 2001
From: Mario Loriedo <mario.loriedo@gmail.com>
Date: Wed, 26 Nov 2025 11:49:47 +0100
Subject: [PATCH 1/4] Use $BINDIR as the default helper binary directory on
 Windows

The default helper binary directory on Windows was hardcoded. However
the new user-scope installer deploys the binaries on a distinct
directory. As a consequence `podman machine start` fails because
gvproxy/winssh-proxy cannot be found.

This problem affects Hyper-V, not WSL.

To fix the problem we are using $BINDIR that is used by the function
FindHelperBinaries to look in the directory where podman is located.

Fixes https://github.com/containers/podman/issues/27603

Signed-off-by: Mario Loriedo <mario.loriedo@gmail.com>
---
 common/pkg/config/config_windows.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/common/pkg/config/config_windows.go b/common/pkg/config/config_windows.go
index bbaac5ad5c..9caf89dc42 100644
--- a/common/pkg/config/config_windows.go
+++ b/common/pkg/config/config_windows.go
@@ -31,5 +31,7 @@ func overrideContainersConfigPath() (string, error) {
 }
 
 var defaultHelperBinariesDir = []string{
-	"C:\\Program Files\\RedHat\\Podman",
+	// FindHelperBinaries(), as a convention, interprets $BINDIR as the
+	// directory where the current process binary (i.e. podman) is located.
+	"$BINDIR",
 }

From b134ef03a769ed1764d524e45d0e81a3cca8c2df Mon Sep 17 00:00:00 2001
From: Paul Holzinger <pholzing@redhat.com>
Date: Fri, 21 Nov 2025 18:13:15 +0100
Subject: [PATCH 2/4] common: clarify containers.conf doc for env

When using http proxy vars in the engine section they can still get
leaked because http_proxy defaults to true.

Fixes: https://issues.redhat.com/browse/RHEL-127541

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
(cherry picked from commit d205608c8509f768ac9e55d2e3bb4b814fbb1e5f)
Signed-off-by: Paul Holzinger <pholzing@redhat.com>
---
 common/docs/containers.conf.5.md          | 11 +++++++----
 common/pkg/config/containers.conf         | 18 +++++++++++-------
 common/pkg/config/containers.conf-freebsd | 18 +++++++++++-------
 3 files changed, 29 insertions(+), 18 deletions(-)

diff --git a/common/docs/containers.conf.5.md b/common/docs/containers.conf.5.md
index a7f233709c..f5c247f01f 100644
--- a/common/docs/containers.conf.5.md
+++ b/common/docs/containers.conf.5.md
@@ -298,9 +298,9 @@ Logging driver for the container. Currently available options are k8s-file, jour
 
 **log_path**=""
 
-Default path for container logs to be stored in. When empty, logs will be stored 
+Default path for container logs to be stored in. When empty, logs will be stored
 in the container's default storage and removed when the container is removed.
-A subdirectory named with the container ID will be created under the specified 
+A subdirectory named with the container ID will be created under the specified
 path, and the log file will have the default name `ctr.log` within that directory.
 This option can be overridden by the `--log-opt` flag.
 
@@ -621,10 +621,13 @@ Disabling this can save memory.
 
 **env**=[]
 
-Environment variables to be used when running the container engine (e.g., Podman, Buildah). For example "http_proxy=internal.proxy.company.com".
-Note these environment variables will not be used within the container. Set the env section under [containers] table,
+Environment variables to be used when running the container engine (e.g., Podman, Buildah). For example "MYVAR=value".
+These environment variables will not be used within the container. Set the env section under the [containers] table,
 if you want to set environment variables for the container.
 
+Note when using this to set http proxy variables then they might get leaked into the container depending on
+if `http_proxy` (under the [containers] table) is set to to true (default) or false.
+
 **events_logfile_path**=""
 
 Define where event logs will be stored, when events_logger is "file".
diff --git a/common/pkg/config/containers.conf b/common/pkg/config/containers.conf
index 2e392d048e..1c9fe54c37 100644
--- a/common/pkg/config/containers.conf
+++ b/common/pkg/config/containers.conf
@@ -216,12 +216,12 @@ default_sysctls = [
 #
 #log_driver = "k8s-file"
 
-# Default path for container logs to be stored in. When empty, logs will be stored 
+# Default path for container logs to be stored in. When empty, logs will be stored
 # in the container's default storage and removed when the container is removed.
-# A subdirectory named with the container ID will be created under the specified 
+# A subdirectory named with the container ID will be created under the specified
 # path, and the log file will have the default name `ctr.log` within that directory.
 # This option can be overridden by the `--log-opt` flag.
-# 
+#
 #log_path = ""
 
 # Maximum size allowed for the container log file. Negative numbers indicate
@@ -542,10 +542,14 @@ default_sysctls = [
 #
 #enable_port_reservation = true
 
-# Environment variables to be used when running the container engine (e.g., Podman, Buildah).
-# For example "http_proxy=internal.proxy.company.com".
-# Note these environment variables will not be used within the container.
-# Set the env section under [containers] table, if you want to set environment variables for the container.
+# Environment variables to be used when running the container engine (e.g.,
+# Podman, Buildah). For example "MYVAR=value". These environment variables
+# will not be used within the container. Set the env section under the
+# [containers] table, if you want to set environment variables for the
+# container.
+# Note when using this to set http proxy variables then they might get
+# leaked into the container depending on if `http_proxy` (under the
+# [containers] table) is set to to true (default) or false.
 #
 #env = []
 
diff --git a/common/pkg/config/containers.conf-freebsd b/common/pkg/config/containers.conf-freebsd
index bd999c339c..6a8163066e 100644
--- a/common/pkg/config/containers.conf-freebsd
+++ b/common/pkg/config/containers.conf-freebsd
@@ -169,12 +169,12 @@ default_sysctls = [
 #
 #log_driver = "k8s-file"
 
-# Default path for container logs to be stored in. When empty, logs will be stored 
+# Default path for container logs to be stored in. When empty, logs will be stored
 # in the container's default storage and removed when the container is removed.
-# A subdirectory named with the container ID will be created under the specified 
+# A subdirectory named with the container ID will be created under the specified
 # path, and the log file will have the default name `ctr.log` within that directory.
 # This option can be overridden by the `--log-opt` flag.
-# 
+#
 #log_path = ""
 
 # Maximum size allowed for the container log file. Negative numbers indicate
@@ -393,10 +393,14 @@ default_sysctls = [
 #
 #enable_port_reservation = true
 
-# Environment variables to be used when running the container engine (e.g., Podman, Buildah).
-# For example "http_proxy=internal.proxy.company.com".
-# Note these environment variables will not be used within the container.
-# Set the env section under [containers] table, if you want to set environment variables for the container.
+# Environment variables to be used when running the container engine (e.g.,
+# Podman, Buildah). For example "MYVAR=value". These environment variables
+# will not be used within the container. Set the env section under the
+# [containers] table, if you want to set environment variables for the
+# container.
+# Note when using this to set http proxy variables then they might get
+# leaked into the container depending on if `http_proxy` (under the
+# [containers] table) is set to to true (default) or false.
 #
 #env = []
 

From 0799dfdfcbb09a08f4dac35365f8b25acd10caf0 Mon Sep 17 00:00:00 2001
From: tomsweeneyredhat <tsweeney@redhat.com>
Date: Fri, 5 Dec 2025 15:19:54 -0500
Subject: [PATCH 3/4] Bump common to v0.66.1

Bump common to v0.66.1 in preparation for Podman v5.7

Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
---
 common/version/version.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/version/version.go b/common/version/version.go
index ad62f22ac3..69b597ef70 100644
--- a/common/version/version.go
+++ b/common/version/version.go
@@ -1,4 +1,4 @@
 package version
 
 // Version is the version of the build.
-const Version = "0.66.0"
+const Version = "0.66.1"

From f17f110e05565423de9fc33cf61deaf442055547 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= <mitr@redhat.com>
Date: Mon, 8 Dec 2025 20:21:52 +0100
Subject: [PATCH 4/4] TEST: Try relying on GitHub for the merge base
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Miloslav Trmač <mitr@redhat.com>
---
 .github/workflows/validate.yml | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
index d86c524c70..c47276c3f8 100644
--- a/.github/workflows/validate.yml
+++ b/.github/workflows/validate.yml
@@ -88,7 +88,11 @@ jobs:
 
       # We validate all commits as we only fetched the number of commits in the PR above,
       # by default git-validation has some special github action handling but that seems broken.
-      run: make .install.gitvalidation && git-validation -no-github
+      run: |
+        echo "BASE_SHA=${{ github.event.pull_request.base.sha }}"
+        echo "HEAD_SHA=${{ github.event.pull_request.head.sha }}"
+        echo HEAD=$(git rev-parse HEAD)
+        make .install.gitvalidation && git-validation -D -range "${{ github.event.pull_request.base.sha }}..HEAD"
 
   go-vendor:
     runs-on: ubuntu-24.04