The latest version of Docker Desktop introduces a number of new features, including resource usage monitor and vulnerability discovery. Additionally, Docker Desktop 4.14 adopts the latest Docker Engine, Docker Compose, and Containerd releases.
Leveraging Docker Desktop plugin system, the Resource Usage extension can be used to monitor how containers or Docker Compose projects consume resources, including CPU, memory, network, and I/O. The extension shows statistics for individual containers or aggregates them based on the Docker Compose project they belong to.
The extension, available on Docker Hub, allows you to find out which containers or Compose projects consume the most resources and to monitor the evolution of resource usage over time. It also allows you to start, stop, or restart containers, as well as to view container logs.
Docker Desktop 4.14 goes a great length to help developers identify vulnerabilities in package dependencies and images thanks to the new image detail view.
The new image detail view provides a complete dissection of your images, including each of the layers they are made of. Additionally, for each layer you get a detailed information about the packages they contain and a list of all the vulnerabilities they contribute. Vulnerabilities are classified according to their seveity as critical, high, medium, and low. The new image detail view, still in beta, will be rolled out over the coming weeks to the installed base.
Another new feature that will be welcome by all developers needing to share the details of how the docker run
was defined is the possibility of extracting that information from a running container. This makes it also possible to modify some parameters and run the container again.
As mentioned, Docker Desktop 4.14 updates all its major internal components. Worth of mention is the adoption of Docker Engine v20.10.21 which fixes a Git vulnerability enabling an attack leading to the potential disclosure of sensitive information stored outside of a repository on the victim's machine filesystem.