Dagger
GitHub stars
Quickstart
GitHub stars Quickstart
In development

Modules v2

A major upgrade to how modules interact with your project. Modules get a typed API to your workspace, replacing rigid sandbox constraints with dynamic context — less complexity for developers, more control for platform engineers.

Today, modules can't see your project structure unless you thread it through manually with custom boilerplate code, wrapper shell scripts, and static path patterns. Modules v2 changes this with a typed Workspace argument that replaces +defaultPath and +ignore pragmas with real code — capable of parsing config files, efficiently traversing directory trees, and adapting to any project layout and scale. A new .dagger/config.toml file declares which modules your project uses and how to configure them, in human-editable TOML. The module author handles the complexity; you just install and configure. A lockfile pins module versions for reproducible resolution across teams.

Main PR (#11812) Workspace API & caching (#11874) Plumbing & compat (#11995)
cloud

Cloud Checks

A complete replacement for your CI platform. Cloud Checks connects to your Git provider and triggers dagger check on every change, auto-scaled on Cloud Engines — no YAML, no vendor syntax, no orchestration layer. In early access.

If your CI logic is in Dagger modules, and your CI infrastructure is on Cloud Engines — you don't need a third-party CI platform to glue them together. Cloud Checks processes Git events and runs your checks on managed infrastructure that scales with your team. Just your modules, your checks, and nothing else. We've already unplugged GitHub Actions for our own CI — join our Discord if you want in.

Cloud Engines Join Discord for early access

Faster dagger connect

Engine connection time is roughly cut in half. Every dagger command pays this cost, so the speedup is felt across the board, especially on remote Docker contexts.

PR #11769
Next release ~May 2026

A lockfile for your CI

You already lock your npm packages, Go modules, and Rust crates. But every FROM alpine:latest, every git checkout main is still an unlocked, mutable dependency. A supply chain attack can swap what a tag points to overnight. .dagger/lock pins container image tags, git branches, and HTTP fetches to their resolved values, committed to version control like any other lockfile. Your pipeline either reproduces exactly or fails clearly.

Run --lock=live once to record what every lookup resolves to. Use --lock=pinned in CI to reuse pinned entries and resolve any new lookups. Use --lock=frozen for hardened pipelines: anything not already locked is a hard error, not a silent substitution. 

dagger --lock=live call build    # record resolved values
dagger --lock=pinned call build  # reuse pins, resolve new lookups
dagger --lock=frozen call build  # lockfile only, fail on miss
dagger lock update               # refresh all locked entries
PR #12046 Design doc

Project Theseus: removing BuildKit

The largest engine change since the project began. Dagger is replacing BuildKit's solver with its own native engine, unlocking robust remote caching, cache observability, and more flexible module execution.

Every container operation delegated to BuildKit is being reimplemented natively in Dagger's DAG engine. Internally called 'Project Theseus' — after the Ship of Theseus — the team has spent over a year replacing BuildKit's internals one plank at a time, shipping continuously at every step. The key was a transitional facade layer called DagOp: each operation (git, HTTP, container exec, file and directory operations, exports) was individually lifted out of BuildKit and into Dagger's own engine. Over 50 PRs later, the facade has served its purpose and is being removed. In its place: a caching engine built on e-graphs — a data structure from compiler optimization research that tracks equivalences between operations, maximizing cache hit rates beyond what any conventional build cache can achieve. The new cache has a single, understandable code path for key calculation and lookup. A long-standing caching bug was fixed without anyone investigating it — the scenario that confused BuildKit's two intertwined caching systems is simply handled correctly by a system simple enough to reason about.

PR #11856 Tracking issue #10367 Issue #8955 (fixed accidentally)

`dagger check` catches stale generated code

Generated files that fall out of sync with their source are now caught automatically by dagger check. Any function marked as a generator is re-run during checks — if the output would change, the check fails. No setup required. Use --no-generate to skip generators.

PR #12923

Speed

dagger generate no longer spikes to 30GB+ RSS on large module graphs. Long withDirectory chains no longer re-materialize at every step, cutting wall time by 22–29% on real workloads.

PR #13117 PR #13124

Stability

When a bound service exits, dependent operations are cancelled and the failure is surfaced instead of hanging. Enum arguments now show their default values in --help. Git checkouts no longer get epoch-zero timestamps that confuse Maven and similar tools. Remote git tree fetches after a cache prune no longer fail. Python SDK type aliases and union annotations resolve correctly. The synthetic with field no longer clutters dagger functions output. Nested client session races and toolchain cache identity bugs are fixed.

PR #13099 PR #13068 PR #13151 PR #13141 PR #13095 PR #13149 PR #13012 PR #13108 PR #13047
v0.20.8 May 6, 2026

LLM tool calls work on AWS Bedrock

Module functions without doc strings now get a fallback tool description instead of an empty one. Providers like AWS Bedrock reject empty descriptions, so dagger mcp and LLM integrations silently dropped those functions. They're now visible to all providers.

PR #12857

Stability

Engine hangs from stuck runc processes on short-lived containers are fixed. dagger mcp once again exposes workspace module functions. Toolchain defaults correctly invalidate the function cache. Remote toolchains resolve +defaultPath from the right repo. Docker-backed engines in cgroup subgroups start correctly. Nested NO_COLOR settings are preserved. Git credential errors include stderr for easier diagnosis. Dang SDK modules no longer time out loading Go or TypeScript dependencies. Python SDK calls no longer stall on OTel metrics warnings, and new modules no longer pull redundant images.

PR #13078 PR #13030 PR #13047 PR #12991 PR #12999 PR #13076 PR #13048 PR #12975 PR #13013 PR #13027 PR #12835 PR #12890
Dagger Cloud May 2026
cloud

Test-aware CI

Most CI platforms treat test results as opaque log output — you paste in a JUnit XML parser, wire up a third-party dashboard, and hope the formatting holds. Dagger Cloud understands your tests natively. It detects OpenTelemetry test semantic conventions in your traces and renders a built-in test explorer: full hierarchy, pass/fail/skip status, logs, and duration for every test. No plugins, no configuration, no separate test analytics product. Any framework that emits standard OTel test attributes lights up automatically.

cloud

Shareable trace links from the CLI

The Cloud dashboard now shows a copyable dagger trace <id> command for every trace. Paste it in a terminal to replay the full trace locally, or share it with a teammate. Works with any trace visible to your organization.

cloud

Cloud Engines: scheduler v2

A new engine allocation scheduler is now the default for Cloud Engines. It assigns compute slots more efficiently and supports continuous per-customer tuning based on run history.

cloud

Automatic cache volume cleanup

Stale cache volumes on Cloud Engines are now cleaned up automatically. No manual intervention required — disk usage stays predictable as your team scales.

cloud

Cloud Checks: unified engine pool

Cloud Checks no longer uses a separate engine pool to scan modules. Module loading now runs on the same Cloud Engines that execute your pipelines, reducing overhead and simplifying the infrastructure.

cloud

Stability

The dashboard rerun button works again and engine version is now displayed in run details.

v0.20.6 Apr 15, 2026

Fail-fast mode for dagger check

A new --failfast flag cancels remaining checks as soon as one fails. Designed to give AI agents a faster feedback loop — instead of waiting for an entire suite to finish, agents get the first failure immediately and can start fixing it. 

dagger check --failfast
PR #11956

dagger up

The third standard workflow verb, joining dagger check and dagger generate. One command starts all services in your workspace — discovered automatically, started in parallel, ports tunneled to your host.

Annotate any function that returns a Service with +up, and dagger up discovers it across your workspace — including services from your dependencies. Port collisions are caught before anything starts, and container health checks gate readiness automatically. No YAML, no separate orchestration layer — just functions in your modules, composed through the same engine that runs your builds and tests. 

dagger up

dagger up --list

dagger up web redis
PR #11959

Go SDK improvements

Go codegen now splits dependency types into separate files — one per dependency instead of one monolithic dagger.gen.go. Makes it easy to see which generated code belongs to which dependency, and sets up automatic cleanup when dependencies are removed.

PR #11962

Polish

Directory.chown and File.chown now accept usernames and group names — no more looking up numeric UIDs. Module constructors can take secret and string arrays with local defaults. Small refinements that remove friction from everyday use.

PR #12128 PR #12898

Stability

Dotenv values and CLI arguments are no longer incorrectly expanded when they should be literal. Container.from now correctly caches image layers on fresh engines. The TUI no longer thrashes output in tmux and Neovim terminals. COPY --exclude and COPY --parents now work in Dockerfiles.

PR #11957 PR #12861 PR #12874 PR #12896
v0.20.2 Mar 19, 2026

Dang: a Dagger-native language

A scripting language designed specifically for Dagger, now with a native runtime built into the engine. Dang loads types directly from the engine at runtime — no codegen, near-instant startup, and concise syntax that's a natural fit for AI-assisted development.

Traditional Dagger SDKs generate client code from the API schema before your module can run. Dang skips this entirely: it introspects the schema at runtime and makes every Dagger type a native language type. With the new native runtime, Dang modules run directly inside the engine without the usual module loading overhead — no container startup, no process coordination. An entire module with multiple functions and types fits in under a hundred lines.

github.com/vito/dang PR #12008

New terminal UI

A ground-up rebuild of the interactive TUI. Output uses your terminal's native scrollback — scroll freely, click links, select text — no more fixed viewport. Also adds inline search with /.

The old framework (Bubbletea) has been replaced with a new rendering engine built on Tuist, a TUI framework designed for infinite scrollback. Each span in the trace tree is an independent component with its own render cache — only components whose data changed get repainted, using line-level diffs to minimize terminal I/O. The result: a TUI that feels like normal terminal output, but with the rich structure of a trace viewer. Mouse input is no longer captured, so scrolling always works.

PR #11952

Vault OIDC authentication

The Vault secret provider now supports OIDC login. If no token or environment credentials are set, Dagger opens your browser for OIDC authentication and caches the token with automatic expiry — no manual token management needed.

PR #11929

Stability

Running Dagger inside a container with a mounted git worktree no longer crashes. Module dependencies pinned by branch or tag name instead of commit SHA now resolve correctly — a regression from the faster Git fetch optimization. The CLI no longer exits 0 when a command actually failed. Containers now run with --init to reap zombie processes. Fixed a schema loading cache regression that could cause incorrect module resolution. Cached git auth secrets that go missing no longer cause fatal errors. The TUI no longer steals focus from form inputs.

PR #11999 PR #12000 PR #12001 PR #11990 PR #11991 PR #12021 PR #12030
Dagger Cloud March 2026
cloud

Cloud Engines

Fully managed Dagger engines with auto-scaling and distributed caching. Run dagger --cloud and your pipelines execute in the cloud — with your local context preserved seamlessly. Currently in early access.

No Kubernetes daemonsets, no handrolled load balancing, no cache distribution headaches. Compute and cache run in the cloud, but local secrets, service dependencies, configuration, files, and terminal are securely streamed — all available to your pipeline as if it were running on your machine. Run your full integration test suite with the compute and cache of your production CI, against your uncommitted changes, with secrets from your personal vault. We use Cloud Engines in production for our own CI and are onboarding early access customers.

Join Discord for early access
v0.20.1 Mar 5, 2026

Faster Git remote fetches

Remote Git fetches now skip tag transfer by default, cutting cold fetch time by ~80% on tag-heavy repos. A bounded retry handles servers that reject direct SHA fetches.

PR #11909

Service API honors Docker healthchecks

Services can now use Docker HEALTHCHECK commands to determine readiness, replacing the default port-based check. Define healthchecks in a Dockerfile or with the new withHealthcheck() API. 

srv := dag.Container().
  From("python").
  WithDefaultArgs([]string{"python", "-m", "http.server", "8080"}).
  WithHealthcheck([]string{"curl", "-sf", "http://localhost:8080/"},
    dagger.ContainerWithHealthcheckOpts{
      Timeout:   "3s",
      Retries:   3,
    }).
  AsService()
PR #11911 PR #11951

Improved Changeset API

The Changeset API now supports creating empty changesets and merging arrays of them in one call. When a function returns multiple changesets, the CLI merges them and offers one combined apply prompt.

PR #11926 PR #11940

Faster Java SDK builds

The Java SDK runtime now invokes Maven with --threads 1C by default, using one thread per CPU for better build throughput on multi-core machines.

PR #11925
v0.20.3 Mar 19, 2026
v0.20 Feb 26, 2026

Targeted local-cache pruning

Manual local-cache pruning now supports explicit space thresholds, so teams running with automatic GC disabled can prune predictably without changing global policy.

Set per-call overrides for max used space, reserved space, minimum free space, and target space.

PR #11830
Dagger Cloud February 2026
cloud

More reliable GitHub Checks integration

Dagger Cloud now integrates more reliably with GitHub Checks. Checks move to queued as soon as events are received, continue running even when GitHub API calls are delayed, and avoid noisy failures in repositories without a dagger.json module config. We also expanded commit-status reporting beyond Native CI workflows, so per-check results appear more consistently with direct links back to traces.

Try it
cloud

Checks keep running during GitHub outages

Dagger Cloud checks no longer block on GitHub API availability. If GitHub is delayed or temporarily unavailable, checks continue running and status updates are handled asynchronously, reducing flaky failures during incidents.

Try it
v0.19.11 Feb 5, 2026

Dagger Generate

We added dagger generate for code and config generation workflows. Mark generator functions in your module, return Changesets, and Dagger runs and merges them in one pass.

Great for generated clients, repo scaffolding, and config drift cleanup without stitching together shell scripts. 

dagger generate
PR #11779
v0.19.10 Jan 14, 2026
Dagger Cloud January 2026
cloud

Dagger Cloud v3

Dagger Cloud v3 delivers a new WebAssembly-based UI with better trace navigation, clearer error surfacing, and much faster handling of large traces and log volumes.

To opt in, sign in to dagger.cloud and switch the top-right toggle to v3.

Blog post Try Dagger Cloud v3 app
v0.19.9 Jan 7, 2026

File metadata API

directory.stat() and container.stat() expose metadata directly through the API, removing brittle shell parsing for common file-inspection tasks.

PR #11403
v0.19.8 Dec 5, 2025

JSON API

Lightweight JSON edits are now practical inside Dagger pipelines. Instead of shelling out to jq, read, modify, and write JSON through typed APIs. 

@func()
async setPackageManager(src: Directory): Promise<Directory> {
  const updated = src
    .file("package.json")
    .asJSON()
    .withField(["packageManager"], dag.json().newString("pnpm@10.5.2"))

  return src.withFile(
    "package.json",
    dag.file("package.json", await updated.contents({ pretty: true })),
  )
}
PR #11408

Faster file copies

WithDirectory and WithFile were optimized to avoid unnecessary disk copies in more cases, cutting avoidable I/O overhead in common workflows.

PR #11497
v0.19.7 Nov 20, 2025

Dagger Checks

dagger check gives module developers one command to run validation anywhere: local dev, CI, and agents. Define checks once, run them consistently everywhere.

Checks are supported in Go, Python, and TypeScript, with Java support added in v0.19.11. 

dagger check

dagger check -l

dagger check 'lint-*'
Checks docs Java support PR #11704
v0.19.5 Nov 5, 2025
v0.19.4 Oct 30, 2025

Function Cache Control

Before this change, Dagger cached all system functions but not module developers' own functions. We couldn't safely infer purity from side effects, so default caching could have broken behavior.

Now module developers can explicitly set cache policy per function. With explicit control in place, default caching can improve performance safely. 

@func() // pure function: default TTL caching
async test(): Promise<string> { ... }

@func({ cache: "15m" }) // refresh external data periodically
async latestBaseDigest(): Promise<string> { ... }

@func({ cache: "never" }) // side effects: always execute
async deploy(): Promise<string> { ... }
Function caching docs PR #10975
v0.19 Sep 30, 2025

Changeset API

The new Changeset type lets module developers return a directory diff as an artifact, so generated files can be previewed and applied cleanly from the CLI.

0.19 blog post

Container.combinedOutput

Need stdout and stderr exactly as emitted? Container.combinedOutput returns a single merged stream, so module developers can handle real command output without stitching streams back together. 

dagger shell -c 'container | from alpine | with-exec ls,-l,/etc/fstab,/etc/non-existent --expect=any | combined-output'
0.19 blog post

Address API

The new address API exposes Dagger's CLI-style reference parsing to modules, so module developers can turn user input into typed objects without reimplementing parsing logic.

0.19 blog post
cloud

Cloud.traceURL

Modules can now fetch the current Dagger Cloud trace URL directly. This makes it easy to publish clickable run links in logs, summaries, and CI notifications. 

traceURL, err := dag.Cloud().TraceURL(ctx)
if err != nil {
  return "", err
}
return traceURL, nil
0.19 blog post Dagger Cloud

Git reference introspection APIs

Git-heavy modules got better primitives for reasoning about repository state: gitRepository.url, gitRepository.branches, gitRepository.latestVersion, and gitRef.commonAncestor.

Together, these APIs make it much easier to resolve origins, enumerate refs, pick stable versions, and compute merge bases without shelling out.

0.19 blog post PR #10959 (`gitRepository.url`) PR #10250 (`gitRepository.branches`) PR #10679 (`gitRepository.latestVersion`) PR #10849 (`gitRef.commonAncestor`)
v0.18.5 Apr 25, 2025
v0.18 Mar 31, 2025

Dagger Shell

Dagger Shell brought bash-style syntax to Dagger's typed, container-native execution model. You get shell ergonomics with cached, reproducible pipelines and sandboxed-by-default execution.

It also made it easier to compose bigger workflows in one place: simple shell pipelines for day-to-day work, code when logic grows, all on the same system. 

container |
  from alpine |
  with-exec apk add git
0.18 blog post Shell docs
v0.17.1 Mar 24, 2025
v0.16 Feb 19, 2025