diff --git a/reports/containerd_release_v2.2.1_20251218_174025.json b/reports/containerd_release_v2.2.1_20251218_174025.json
new file mode 100644
index 0000000..2cf5801
--- /dev/null
+++ b/reports/containerd_release_v2.2.1_20251218_174025.json
@@ -0,0 +1,160 @@
+{
+  "metadata": {
+    "generated_at": "2025-12-18T17:40:47.620389",
+    "tool": "containerd-release-tracker",
+    "version": "1.0.0"
+  },
+  "release": {
+    "tag_name": "v2.2.1",
+    "name": "containerd 2.2.1",
+    "body": "Welcome to the v2.2.1 release of containerd!\n\nThe first patch release for containerd 2.2 contains various fixes and improvements.\n\n### Highlights\n\n#### Container Runtime Interface (CRI)\n\n* **Redact all query parameters in CRI error logs** ([#12546](https://github.com/containerd/containerd/pull/12546))\n\n#### Image Distribution\n\n* **Fix image defaults on Darwin to usable configuration** ([#12544](https://github.com/containerd/containerd/pull/12544))\n* **Fix possible panic from WithMediaTypeKeyPrefix** ([#12516](https://github.com/containerd/containerd/pull/12516))\n\n#### Runtime\n\n* **Update runc binary to v1.3.4** ([#12593](https://github.com/containerd/containerd/pull/12593))\n* **Fix parsing of hugetlb.<size>.events files** ([containerd/cgroups#379](https://github.com/containerd/cgroups/pull/379))\n\nPlease try out the release binaries and report any issues at\nhttps://github.com/containerd/containerd/issues.\n\n### Contributors\n\n* Krisztian Litkey\n* Markus Lehtonen\n* Akihiro Suda\n* Mike Brown\n* Sebastiaan van Stijn\n* Derek McGowan\n* Heran Yang\n* Wei Fu\n* Phil Estes\n* Samuel Karp\n* Austin Vazquez\n* Sascha Grunert\n* Akhil Mohan\n* Andrey Noskov\n* Brian Goff\n* CrazyMax\n* Davanum Srinivas\n* Gaurav Ghildiyal\n* Neeraj Krishna Gopalakrishna\n* Paweł Gronowski\n* Tariq Ibrahim\n* TomerLev\n* Tõnis Tiigi\n* bo.jiang\n* ningmingxiao\n\n### Changes\n<details><summary>53 commits</summary>\n<p>\n\n* Prepare release notes for v2.2.1 ([#12677](https://github.com/containerd/containerd/pull/12677))\n  * [`f6bae1f88`](https://github.com/containerd/containerd/commit/f6bae1f8807a099a0b101e584f1f8aabddab91a6) Prepare release notes for v2.2.1\n* cri,nri: bump NRI dependencies to v0.11.0 ([#12701](https://github.com/containerd/containerd/pull/12701))\n  * [`c22cf5d49`](https://github.com/containerd/containerd/commit/c22cf5d49819a2996f184db954c53c2060916314) cri,nri: pass any linux security profile to plugins.\n  * [`d7532de75`](https://github.com/containerd/containerd/commit/d7532de751f81eee4f03001bb46e49d76a1607fb) cri,nri: pass any linux RDT constraints to plugins.\n  * [`ef36e6181`](https://github.com/containerd/containerd/commit/ef36e6181456ebb9919d2a51d786f416f85f780b) cri,nri: pass any linux net devices to plugins.\n  * [`d56faf426`](https://github.com/containerd/containerd/commit/d56faf4261b5f946caa92c4869963f89f63a9b22) cri,nri: pass any linux scheduler attributes to plugins.\n  * [`e1824d261`](https://github.com/containerd/containerd/commit/e1824d2613d32793cf1fd7282f0b9f5f6f622613) cri,nri: pass any linux I/O priority to plugins.\n  * [`01d5490ae`](https://github.com/containerd/containerd/commit/01d5490ae26a05b1a73ca9e253761005c7286754) go.{mod,sum}: bump NRI deps to v0.11.0, re-vendor.\n* pkg/tracing: HTTPStatusCodeAttributes: remove use of deprecated SemConv const ([#12697](https://github.com/containerd/containerd/pull/12697))\n  * [`58d23ab63`](https://github.com/containerd/containerd/commit/58d23ab63830dc41d7c2e1035a9c0a7a28b6fed2) pkg/tracing: HTTPStatusCodeAttributes: remove use of deprecated SemConv const\n* cri/nri: short-circuit nil adjustment. ([#12672](https://github.com/containerd/containerd/pull/12672))\n  * [`05ccbb3a7`](https://github.com/containerd/containerd/commit/05ccbb3a7eb10a72427c722155a2eacdc2908a61) cri/nri: short-circuit nil adjustment.\n* go.{mod,sum}: bump CDI deps to v1.1.0. ([#12664](https://github.com/containerd/containerd/pull/12664))\n  * [`c166a577d`](https://github.com/containerd/containerd/commit/c166a577d0638de704d6c9f999858ed47cf06a60) go.{mod,sum} bump CDI deps to v1.1.0.\n* go.mod: containerd/zfs v2.0.0; remove exclude rules ([#12654](https://github.com/containerd/containerd/pull/12654))\n  * [`73a08aa00`](https://github.com/containerd/containerd/commit/73a08aa00dc98a0662a40d45ed50dac534dce1e6) go.mod: remove exclude rules\n  * [`cee08c8af`](https://github.com/containerd/containerd/commit/cee08c8af836002863b30e2ef8cd3c45b6ae56ad) build(deps): bump github.com/containerd/zfs/v2 from 2.0.0-rc.0 to 2.0.0\n* go.mod: github.com/containernetworking/plugins v1.9.0 ([#12658](https://github.com/containerd/containerd/pull/12658))\n  * [`8a5fc8641`](https://github.com/containerd/containerd/commit/8a5fc86416926d2a2189861391cd77b07d7f4443) go.mod: github.com/containernetworking/plugins v1.9.0\n* go.mod: golang.org/x/crypto v0.45.0 ([#12638](https://github.com/containerd/containerd/pull/12638))\n  * [`55c93d6fb`](https://github.com/containerd/containerd/commit/55c93d6fb85333d4988122b2ae97b947bcde02b7) go.mod: golang.org/x/crypto v0.45.0\n* ci :bump Go 1.24.11, 1.25.5 ([#12625](https://github.com/containerd/containerd/pull/12625))\n  * [`aedd29bb4`](https://github.com/containerd/containerd/commit/aedd29bb4ecabfae1d8806dc1011a347a3401fb2) ci: bump Go 1.24.11, 1.25.5\n  * [`26628f139`](https://github.com/containerd/containerd/commit/26628f1397f991a9ee2fe7de32a6a2df70ab89bd) ci: bump Go 1.24.10, 1.25.4\n  * [`8bb0e9be6`](https://github.com/containerd/containerd/commit/8bb0e9be6ceebc1ad1d76c88a661bacf84921b3d) ci(release): set GO_VERSION in Dockerfile\n* core/runtime/v2: remove uses of otelgrpc.UnaryClientInterceptor ([#12622](https://github.com/containerd/containerd/pull/12622))\n  * [`ed19c5420`](https://github.com/containerd/containerd/commit/ed19c542003cc00988760b0f72e487c20dc198a0) core/runtime/v2: remove uses of otelgrpc.UnaryClientInterceptor\n* ci: update CIFuzz actions to support Ubuntu 24.04 ([#12632](https://github.com/containerd/containerd/pull/12632))\n  * [`952237d9b`](https://github.com/containerd/containerd/commit/952237d9ba4390f4fa740f3832492e3870f0f9f9) ci: update CIFuzz actions to support Ubuntu 24.04\n* Update runc binary to v1.3.4 ([#12593](https://github.com/containerd/containerd/pull/12593))\n  * [`fb5b818a9`](https://github.com/containerd/containerd/commit/fb5b818a9a34ad4fe3b0901c73cd7432ae4bb8bc) runc: Update runc binary to v1.3.4\n* : update containerd/cgroups from v3.1.0 to v3.1.2 ([#12598](https://github.com/containerd/containerd/pull/12598))\n  * [`51582ed27`](https://github.com/containerd/containerd/commit/51582ed27b13941f6bbf1526d909a00deadfcc0f) bump containerd/cgroups to v3.1.2\n  * [`50d0e4fd4`](https://github.com/containerd/containerd/commit/50d0e4fd4cb909829d9965d9da5be04ee812fe29) build(deps): bump github.com/containerd/cgroups/v3 from 3.1.0 to 3.1.1\n* core/mount: should not call removeLoop when set autoclear ([#12587](https://github.com/containerd/containerd/pull/12587))\n  * [`41a69eb0d`](https://github.com/containerd/containerd/commit/41a69eb0d19cafbf40e03c36ef6be259a52d6f5e) core/mount: should not call removeLoop when set autoclear\n* build(deps): bump github.com/opencontainers/selinux ([#12589](https://github.com/containerd/containerd/pull/12589))\n  * [`e3bf2b80b`](https://github.com/containerd/containerd/commit/e3bf2b80b9ca3280fd64a2bd0436fcdb894c4410) build(deps): bump github.com/opencontainers/selinux\n* .github: skip 5 critest cases for window-2022 ([#12584](https://github.com/containerd/containerd/pull/12584))\n  * [`da8e846f9`](https://github.com/containerd/containerd/commit/da8e846f97a081f580eccc4a7384f3f050dd5b5e) .github: skip 5 critest cases in window CI pipeline\n* Fix image defaults on Darwin to usable configuration ([#12544](https://github.com/containerd/containerd/pull/12544))\n  * [`d154e234b`](https://github.com/containerd/containerd/commit/d154e234b29c5bed4f14a72d605e92e4728415a2) Update the ctr pull defaults when using the transfer service\n  * [`09364216d`](https://github.com/containerd/containerd/commit/09364216de92aab056118507da59fabf642d88ac) Fix transfer unpack defaults on darwin\n  * [`2055d3c62`](https://github.com/containerd/containerd/commit/2055d3c62e85350642c4b031c35a63b22e2ec6f7) Update default differs on darwin\n  * [`9da97686d`](https://github.com/containerd/containerd/commit/9da97686d151da046d5512bb9f7f1d67ea4c8393) Use default writable size in erofs snapshotter for non-Linux hosts\n  * [`eeb0f889a`](https://github.com/containerd/containerd/commit/eeb0f889aed826b58a3033a5a5b14dff6ccd1979) Update default erofs block size on macOS during erofs diff\n* Redact all query parameters in CRI error logs ([#12546](https://github.com/containerd/containerd/pull/12546))\n  * [`c707f771a`](https://github.com/containerd/containerd/commit/c707f771a872f9dd22ad8f2f827317a800e4a74f) fix: redact all query parameters in CRI error logs\n* Revert \"Implement io.ReaderAt on docker fetch reader\" ([#12542](https://github.com/containerd/containerd/pull/12542))\n  * [`678f944dd`](https://github.com/containerd/containerd/commit/678f944dd16601d08ecbb19e350acc027728b656) Revert \"Implement io.ReaderAt on docker fetch reader\"\n* Fix possible panic from WithMediaTypeKeyPrefix ([#12516](https://github.com/containerd/containerd/pull/12516))\n  * [`8b73c2de3`](https://github.com/containerd/containerd/commit/8b73c2de310e95fe3a143473b511fcf99d03692f) remotes: fix possible panic from WithMediaTypeKeyPrefix\n</p>\n</details>\n\n### Changes from containerd/cgroups\n<details><summary>13 commits</summary>\n<p>\n\n* ci: bump golangci-lint to v2.6.2 ([containerd/cgroups#382](https://github.com/containerd/cgroups/pull/382))\n  * [`a302e56`](https://github.com/containerd/cgroups/commit/a302e56b258f818a3dacb6e282907904f17ea239) ci: bump golangci-lint to v2.6.2\n  * [`731cf7a`](https://github.com/containerd/cgroups/commit/731cf7a96296e8eccffe9b986aece85ec4ab9b5b) ci: suppress errcheck\n  * [`9bee663`](https://github.com/containerd/cgroups/commit/9bee663879fd7f5b873fa40f61a837309c4be8b0) utils: move Close() to defer block\n  * [`9d7647c`](https://github.com/containerd/cgroups/commit/9d7647ce3bae2f67cc4ecfe1df51796caba49d52) rdma: use strings.Cut in Go 1.18\n  * [`109f063`](https://github.com/containerd/cgroups/commit/109f063d1c6cefbc3def1a8e0a169b746f7f5f0a) memory_test: apply De Morgan's law\n  * [`e6fcf3f`](https://github.com/containerd/cgroups/commit/e6fcf3fda4200609bb6323428e2d1f24f712e62e) memory_test: omit type from declaration\n* build(deps): bump actions/checkout from 5 to 6 ([containerd/cgroups#381](https://github.com/containerd/cgroups/pull/381))\n  * [`4e30098`](https://github.com/containerd/cgroups/commit/4e3009894821335455c4b804600eb9667b818f81) build(deps): bump actions/checkout from 5 to 6\n* Fix parsing of hugetlb.<size>.events files ([containerd/cgroups#379](https://github.com/containerd/cgroups/pull/379))\n  * [`2ad7a12`](https://github.com/containerd/cgroups/commit/2ad7a1241827ef1bc4f964fe8a5248b073f2db82) hugetlb: correctly parse hugetlb.<size>.events files\n* go.mod: github.com/opencontainers/runtime-spec v1.3.0 ([containerd/cgroups#376](https://github.com/containerd/cgroups/pull/376))\n  * [`34ef430`](https://github.com/containerd/cgroups/commit/34ef430d727e569c31b4f2bbc7d83bffeb1c0165) go.mod: github.com/opencontainers/runtime-spec v1.3.0\n</p>\n</details>\n\n### Changes from containerd/nri\n<details><summary>79 commits</summary>\n<p>\n\n* adaptation: allow compiling out WASM support altogether. ([containerd/nri#253](https://github.com/containerd/nri/pull/253))\n  * [`ab88fe6`](https://github.com/containerd/nri/commit/ab88fe680c11b35234c38c7d4eac72335721c78d) adaptation: allow compiling out WASM support altogether.\n* Support direct editing of the intelRdt config ([containerd/nri#215](https://github.com/containerd/nri/pull/215))\n  * [`8c0c9f6`](https://github.com/containerd/nri/commit/8c0c9f67a905fb24682239a4d6d94b0dd52c13e7) Implement removal of RDT\n  * [`dfbae8a`](https://github.com/containerd/nri/commit/dfbae8a616b80037798e3cfb8315d70f3f2eff7e) plugins: add sample rdt plugin\n  * [`d05dd81`](https://github.com/containerd/nri/commit/d05dd818ed26c3dbeae0fce88289387b62e4665c) pkg/adaptation: support new RDT fields\n  * [`725289b`](https://github.com/containerd/nri/commit/725289b256878de8e965327ab6e70dc883ea771b) pkg/runtime-tools/generate: support new RDT fields\n  * [`a7832a2`](https://github.com/containerd/nri/commit/a7832a241411573e03982490197d7eb98a1c9d29) api: add rdt\n* update wazero/wazero version to v1.10.1 ([containerd/nri#252](https://github.com/containerd/nri/pull/252))\n  * [`9eb9a0f`](https://github.com/containerd/nri/commit/9eb9a0f0f6e223e6060805b55957f117f159f5cc) update tetratelabs/wazero version to v1.10.1\n* support specifying a custom NRI socket path ([containerd/nri#249](https://github.com/containerd/nri/pull/249))\n  * [`2df6565`](https://github.com/containerd/nri/commit/2df656516e73b31e013257f713a1df5baa7fdcb0) [plugins] support specifying a custom NRI socket path\n* pkg/api: add OptionalRepeatedString type ([containerd/nri#212](https://github.com/containerd/nri/pull/212))\n  * [`687c1a6`](https://github.com/containerd/nri/commit/687c1a6a8b5c75056acd176dc89c45251926d0bb) pkg/api: add OptionalRepeatedString type\n* api,adaptation,generate: allow setting kernel scheduling policy attributes. ([containerd/nri#160](https://github.com/containerd/nri/pull/160))\n  * [`6a371ac`](https://github.com/containerd/nri/commit/6a371ac5e7afcd185ee575828f4822d779f0ded9) device-injector: add scheduling policy adjustment.\n  * [`e06369e`](https://github.com/containerd/nri/commit/e06369e8d1cad80f12eaf6f2c0da19c7ac78396c) api,adaptation,generate: allow setting scheduler attributes.\n* device-injector: always log injection summary. ([containerd/nri#246](https://github.com/containerd/nri/pull/246))\n  * [`14cc2e2`](https://github.com/containerd/nri/commit/14cc2e2fb6b9504c5241e3156b24b1055ed4e3ed) device-injector: always log injection summary.\n* api,adaptation,generate: allow adjusting linux net devices ([containerd/nri#157](https://github.com/containerd/nri/pull/157))\n  * [`5145c92`](https://github.com/containerd/nri/commit/5145c92e7c215ce3969805005ebdb0f37749e68b) device-injector: add network device injection.\n  * [`8a03823`](https://github.com/containerd/nri/commit/8a03823fe8afbca00b30f669805c911414c58803) api,adaptation,generate: allow adjusting linux net devices.\n* Add support for sysctl adjustment ([containerd/nri#248](https://github.com/containerd/nri/pull/248))\n  * [`914fbf3`](https://github.com/containerd/nri/commit/914fbf3faf42da144376c133541c37211d2f9200) default-validator: restrict sysctl adjustment\n  * [`a418956`](https://github.com/containerd/nri/commit/a4189560f80f7c02579eec252ae43034bf21cb8a) api: apply sysctl adjustments\n  * [`8705f9b`](https://github.com/containerd/nri/commit/8705f9b1eb3107ad8bc422978b0412527e3fd236) api: add sysctl container adjustment\n* feat: Make logger a configurable struct member for stub ([containerd/nri#239](https://github.com/containerd/nri/pull/239))\n  * [`08a891a`](https://github.com/containerd/nri/commit/08a891a81d90b03b5e5ae14734f5ad74e74c264b) feat: Make logger a configurable struct member for stub\n* Drop dependency on opencontainers/runtime-tools ([containerd/nri#247](https://github.com/containerd/nri/pull/247))\n  * [`5e5c2be`](https://github.com/containerd/nri/commit/5e5c2be5f57436228f2762e0deb2c4f9873f3e9b) Drop dependency on opencontainers/runtime-tools\n* deps: bump runtime-spec to v1.3.0. ([containerd/nri#243](https://github.com/containerd/nri/pull/243))\n  * [`29c5811`](https://github.com/containerd/nri/commit/29c581117267cb5d2289ff08902a93ff263caf0e) (v0.1.0) examples: lock NRI, runtime spec deps.\n  * [`d812952`](https://github.com/containerd/nri/commit/d8129529588cca090c972aa5e5f7775162af59da) v010-adapter: lock NRI, runtime spec and tools deps.\n  * [`7dd7c7f`](https://github.com/containerd/nri/commit/7dd7c7f8b21c08242de41634b12ab2ee71b91000) api,runtime-tools: adjust for runtime-spec v1.3.0.\n  * [`5d5d4c4`](https://github.com/containerd/nri/commit/5d5d4c4c877fdef4fe0938e627b11b97234195b8) go.{mod,sum}: update runtime-tools, runtime-spec to v1.3.0.\n* adaptation: ensure sync'ed plugins are fully registered in tests. ([containerd/nri#234](https://github.com/containerd/nri/pull/234))\n  * [`c840397`](https://github.com/containerd/nri/commit/c84039771e9c2cee68952b4b7cc52cba1909784e) adaptation: ensure sync'ed plugins are fully registered in tests.\n* Fix wasm example ([containerd/nri#237](https://github.com/containerd/nri/pull/237))\n  * [`44b2861`](https://github.com/containerd/nri/commit/44b2861a26c8e392229cd8b27a20cf689925f176) Fix wasm example\n* Makefile: build proto files unconditionally ([containerd/nri#229](https://github.com/containerd/nri/pull/229))\n  * [`d99f960`](https://github.com/containerd/nri/commit/d99f96028e5226c004f94a3394be82190980c4bd) Fix dockerized proto build\n  * [`9623748`](https://github.com/containerd/nri/commit/9623748f543343bfe6b2312df47a7ed9000d47fe) Makefile: build proto files unconditionally\n  * [`25d9391`](https://github.com/containerd/nri/commit/25d9391690a7158d851364ef011e1f56fd607a70) build: ensure we use correct version of protoc and its deps.\n* adaptation: test with populated initial resources. ([containerd/nri#231](https://github.com/containerd/nri/pull/231))\n  * [`b6b98b5`](https://github.com/containerd/nri/commit/b6b98b56a60df29da312cc1e1e070697dec43583) adaptation: test with populated initial resources.\n* Install protoc locally in the source tree ([containerd/nri#232](https://github.com/containerd/nri/pull/232))\n  * [`2394daa`](https://github.com/containerd/nri/commit/2394daa45f1c7c0fcf28e9e39895c8b871a7445c) Install protoc locally in the source tree\n* plugins/logger: fix default event subscription mask. ([containerd/nri#158](https://github.com/containerd/nri/pull/158))\n  * [`33b1db1`](https://github.com/containerd/nri/commit/33b1db1add2e9a603f7c47e1efa95d386f4af560) logger: fix default event subscription mask.\n* extract memory and CPU resource helpers ([containerd/nri#210](https://github.com/containerd/nri/pull/210))\n  * [`7afb32a`](https://github.com/containerd/nri/commit/7afb32a3a444fd0a24e36988e0906ad35590c672) extract memory and CPU resource helpers\n* api: expose container user/group ID to plugins. ([containerd/nri#230](https://github.com/containerd/nri/pull/230))\n  * [`22aeb46`](https://github.com/containerd/nri/commit/22aeb467e553bffd7650930b3bc6c28b95a2dee5) docs: update README with container uid/gid info.\n  * [`71b0335`](https://github.com/containerd/nri/commit/71b0335fdc262451ab2ff71591f1126c8a036265) api,adaptation: add container uid/gid info.\n* contrib: add example for enabling per-container RDT monitoring ([containerd/nri#228](https://github.com/containerd/nri/pull/228))\n  * [`91fbf06`](https://github.com/containerd/nri/commit/91fbf06ed654e46629cb7aefb11856953720c9cf) contrib: add example for enabling per-container RDT monitoring\n* ci: enable image signing ([containerd/nri#224](https://github.com/containerd/nri/pull/224))\n  * [`fb54916`](https://github.com/containerd/nri/commit/fb5491601ca84bf52b70e75d0e99ddc4dfe6a922) ci: enable image signing\n* golangci: disable QF1008 from staticcheck linter ([containerd/nri#226](https://github.com/containerd/nri/pull/226))\n  * [`0b3b577`](https://github.com/containerd/nri/commit/0b3b5770d1f6845d3a3e52ccb5218f2b3ce1f34e) golangci: disable QF1008 from staticcheck linter\n* ci: bump golangci-lint to v2.4 ([containerd/nri#225](https://github.com/containerd/nri/pull/225))\n  * [`9787127`](https://github.com/containerd/nri/commit/9787127c0f3e69726b968e12b29dae31e35e250b) Bump golangci-lint to v2.4\n  * [`1a50ff5`](https://github.com/containerd/nri/commit/1a50ff585624f01763fd20aafaeaa92aa8b27c46) Add nolint directives\n  * [`00fa1a1`](https://github.com/containerd/nri/commit/00fa1a124e605590d3ceea1e687600785ae6518d) Add and fix comments for exported types\n  * [`ac21da7`](https://github.com/containerd/nri/commit/ac21da7be8f991a8699cef41acba8783dee5351e) pkg/api/seccomp: add comments for exported functions\n  * [`3aff986`](https://github.com/containerd/nri/commit/3aff986af5f8abefda8552edae991608782df46c) pkg/runtime-tools/generate: remove embedded field \"Generator\"\n  * [`c0c4bb6`](https://github.com/containerd/nri/commit/c0c4bb648ae46207f47d5b18bf447f7d5b32e26b) pkg/api/validate: add comments for exported methods\n  * [`c0ba9da`](https://github.com/containerd/nri/commit/c0ba9da712934c860a64af54d96b5cfc74672ff5) adaptation/builtin: add comment for exported symbols\n* .gitignore: revert hastily reviewed editor-specific addition. ([containerd/nri#221](https://github.com/containerd/nri/pull/221))\n  * [`02376f3`](https://github.com/containerd/nri/commit/02376f371c707718144dd509172618c69ce6670c) .gitignore: add comment about global gitignore.\n  * [`9336a79`](https://github.com/containerd/nri/commit/9336a7933c666dbe6da09fe3cb46e80b478fb268) Revert \"nit: Add .idea folder to gitignore\"\n* nit: Add .idea folder to gitignore ([containerd/nri#218](https://github.com/containerd/nri/pull/218))\n  * [`f578ea2`](https://github.com/containerd/nri/commit/f578ea2804642f2cd59594edc17b59d995289223) nit: Add .idea folder to gitignore\n* chore: clean and unify nolint directives ([containerd/nri#217](https://github.com/containerd/nri/pull/217))\n  * [`21741b9`](https://github.com/containerd/nri/commit/21741b9ee40d69eb9ee3d5688e45b0b022c32738) chore: clean and unify nolint directives\n* Downgrade go to require 1.24.0 ([containerd/nri#214](https://github.com/containerd/nri/pull/214))\n  * [`d26e910`](https://github.com/containerd/nri/commit/d26e910702c62126decc6befe835e7315cd738a9) Downgrade go to require 1.24.0\n* Add dockerized target for building proto files ([containerd/nri#211](https://github.com/containerd/nri/pull/211))\n  * [`13fcc07`](https://github.com/containerd/nri/commit/13fcc0773d23520ff44d54549122ec78c8f1e473) Add dockerized target for building proto files\n</p>\n</details>\n\n### Changes from containerd/zfs\n<details><summary>11 commits</summary>\n<p>\n\n* go.mod: update to stable containerd v2.0 ([containerd/zfs#89](https://github.com/containerd/zfs/pull/89))\n  * [`f11f891`](https://github.com/containerd/zfs/commit/f11f891ff42b3f8cd6f15d0fb18b2644a002bb85) go.mod: update to stable containerd v2.0\n* ci: update actions, test against go1.23, fix linting, and update golangci-lint ([containerd/zfs#88](https://github.com/containerd/zfs/pull/88))\n  * [`662ad3c`](https://github.com/containerd/zfs/commit/662ad3cefa596775e20a44a1c6b1037b0a0d539d) gha: update golangci/golangci-lint-action@v9, golangci-lint v2.7\n  * [`b0b2584`](https://github.com/containerd/zfs/commit/b0b25847ac875af99d62e9d4f83b2875a2f39df9) remove nolint comments\n  * [`7c4274b`](https://github.com/containerd/zfs/commit/7c4274bfa0a0df14d66fabb51269bfdfbf4e0b06) fix error capitalization\n  * [`24ce1b9`](https://github.com/containerd/zfs/commit/24ce1b93f0579fe5ecaec4bd55290ff7e2f456db) fix inconsistent receiver name\n  * [`c8545c3`](https://github.com/containerd/zfs/commit/c8545c33c3c9f4d881c45a22688be49f4ff1502a) gha: update actions/checkout@v6\n  * [`d23ec04`](https://github.com/containerd/zfs/commit/d23ec046338e9a5761083cef373be2bab1551995) gha: update actions/setup-go@v6\n  * [`bb45f6e`](https://github.com/containerd/zfs/commit/bb45f6e4d3965616dcaae6eaab9342af0e4c1cad) gha: update containerd/project-checks@v1.2.2\n  * [`65bc451`](https://github.com/containerd/zfs/commit/65bc451f6abab9d7133abd7c227be227ad6b1f0d) gha: test against go1.23\n</p>\n</details>\n\n### Dependency Changes\n\n* **github.com/containerd/cgroups/v3**                  v3.1.0 -> v3.1.2\n* **github.com/containerd/nri**                         v0.10.0 -> v0.11.0\n* **github.com/containerd/zfs/v2**                      v2.0.0-rc.0 -> v2.0.0\n* **github.com/containernetworking/plugins**            v1.8.0 -> v1.9.0\n* **github.com/cyphar/filepath-securejoin**             v0.5.1 **_new_**\n* **github.com/opencontainers/runtime-spec**            v1.2.1 -> v1.3.0\n* **github.com/opencontainers/runtime-tools**           0ea5ed0382a2 -> edf4cb3d2116\n* **github.com/opencontainers/selinux**                 v1.12.0 -> v1.13.1\n* **github.com/tetratelabs/wazero**                     v1.9.0 -> v1.10.1\n* **golang.org/x/crypto**                               v0.41.0 -> v0.45.0\n* **golang.org/x/net**                                  v0.43.0 -> v0.47.0\n* **golang.org/x/sync**                                 v0.17.0 -> v0.18.0\n* **golang.org/x/sys**                                  v0.37.0 -> v0.38.0\n* **golang.org/x/term**                                 v0.34.0 -> v0.37.0\n* **golang.org/x/text**                                 v0.28.0 -> v0.31.0\n* **tags.cncf.io/container-device-interface**           v1.0.1 -> v1.1.0\n* **tags.cncf.io/container-device-interface/specs-go**  v1.0.0 -> v1.1.0\n\nPrevious release can be found at [v2.2.0](https://github.com/containerd/containerd/releases/tag/v2.2.0)\n### Which file should I download?\n* `containerd-<VERSION>-<OS>-<ARCH>.tar.gz`:         ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04).\n* `containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz`:  Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent.\n\nIn addition to containerd, typically you will have to install [runc](https://github.com/opencontainers/runc/releases)\nand [CNI plugins](https://github.com/containernetworking/plugins/releases) from their official sites too.\n\nSee also the [Getting Started](https://github.com/containerd/containerd/blob/main/docs/getting-started.md) documentation.\n",
+    "published_at": "2025-12-18T17:37:28Z",
+    "prerelease": false,
+    "draft": false,
+    "html_url": "https://github.com/containerd/containerd/releases/tag/v2.2.1",
+    "author": "github-actions[bot]"
+  },
+  "analysis": {
+    "summary": "containerd 2.2.1 版本聚焦日志安全增强、运行时稳定性改进和跨平台支持优化，主要包含关键错误修复和依赖项更新",
+    "key_changes": [
+      "CRI 错误日志全量参数脱敏 - [PR #12546](https://github.com/containerd/containerd/pull/12546) - **影响：** 防止敏感凭证参数（如 registry access token）泄露到日志系统",
+      "Darwin 平台镜像默认配置修复 - [PR #12544](https://github.com/containerd/containerd/pull/12544) - **影响：** 解决 macOS 环境镜像拉取失败问题",
+      "runc 升级至 v1.3.4 - [PR #12593](https://github.com/containerd/containerd/pull/12593) - **影响：** 集成最新容器运行时安全补丁和功能改进"
+    ],
+    "important_bugfixes": [
+      "修复 hugetlb 事件文件解析问题 - [containerd/cgroups#379](https://github.com/containerd/cgroups/pull/379) - **影响：** 避免内存子系统监控数据异常导致资源统计失效",
+      "修复 WithMediaTypeKeyPrefix 可能触发 panic - [PR #12516](https://github.com/containerd/containerd/pull/12516) - **影响：** 防止特定镜像操作场景下进程崩溃",
+      "修复 loop 设备自动清理逻辑 - [PR #12587](https://github.com/containerd/containerd/pull/12587) - **影响：** 避免存储卷卸载后残留无效设备"
+    ],
+    "security_issues": [
+      "runc v1.3.4 包含多个 CVE 修复（需参考具体 runc 变更） - **风险级别：** 高 - 建议立即升级"
+    ],
+    "performance_improvements": [
+      "事件类型常量集中管理优化 - [PR #210](https://github.com/containerd/containerd/pull/210) - **提升：** 增强代码可维护性，降低维护成本"
+    ],
+    "breaking_changes": [
+      "Darwin 平台默认使用 erofs 快照器配置 - [PR #12544](https://github.com/containerd/containerd/pull/12544) - **影响：** macOS 用户需验证镜像兼容性"
+    ],
+    "recommendations": [
+      "立即升级生产环境：尤其是使用 Kubernetes CRI 且依赖日志审计的场景",
+      "macOS 开发环境需验证镜像拉取/解压功能",
+      "建议配合 runc v1.3.4 版本同步升级",
+      "检查日志系统中是否遗留敏感参数记录"
+    ],
+    "risk_assessment": "整体风险评估：中低风险。建议在下一个维护窗口期升级，需重点验证：1) macOS 环境镜像操作 2) 内存监控子系统功能 3) 高敏感度环境日志脱敏效果验证"
+  },
+  "statistics": {
+    "analyzed_prs": 9,
+    "analyzed_issues": 0,
+    "important_items": 1
+  },
+  "important_items": [
+    {
+      "type": "PR",
+      "title": "#210: Move event types constants into single file",
+      "reason": "Performance related"
+    }
+  ],
+  "prs": {
+    "88": {
+      "title": "containerd: do not export any symbols",
+      "url": "https://github.com/containerd/containerd/pull/88",
+      "body": "Following up with #87.\n\nSigned-off-by: Burcu Dogan jbd@google.com\n\n/cc @crosbymichael \n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-01-25T22:53:21Z",
+      "merged_at": "2016-01-25T23:14:42Z",
+      "author": "rakyll",
+      "labels": []
+    },
+    "87": {
+      "title": "Do not export symbols from the main package",
+      "url": "https://github.com/containerd/containerd/pull/87",
+      "body": "main packages are not importable; see the discussion at https://github.com/golang/go/issues/4210\n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-01-24T07:34:19Z",
+      "merged_at": "2016-01-25T22:18:56Z",
+      "author": "rakyll",
+      "labels": []
+    },
+    "157": {
+      "title": "let user to specify the shim name or path",
+      "url": "https://github.com/containerd/containerd/pull/157",
+      "body": "Signed-off-by: mYmNeo mymneo@163.com\n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-03-24T03:09:42Z",
+      "merged_at": "2016-04-20T14:31:14Z",
+      "author": "mYmNeo",
+      "labels": []
+    },
+    "158": {
+      "title": "Add runtimeArgs to pass to shim",
+      "url": "https://github.com/containerd/containerd/pull/158",
+      "body": "This allows you to pass options like:\n\n``` bash\ncontainerd --debug --runtime-args \"--debug\" --runtime-args\n\"--systemd-cgroup\"\n```\n\nSigned-off-by: Michael Crosby crosbymichael@gmail.com\n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-03-24T20:32:03Z",
+      "merged_at": "2016-03-24T22:53:05Z",
+      "author": "crosbymichael",
+      "labels": []
+    },
+    "160": {
+      "title": "Integration test",
+      "url": "https://github.com/containerd/containerd/pull/160",
+      "body": "This is what I came up with for the integration testing.\n\n@crosbymichael, @icecrime, @tonistiigi, @anusha-ragunathan PTAL\n\nI dropped a few extra fixes in the mix since I needed them for the tests to work or for debugging.\n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-03-25T05:59:47Z",
+      "merged_at": "2016-03-25T23:25:30Z",
+      "author": "mlaventure",
+      "labels": []
+    },
+    "210": {
+      "title": "Move event types constants into single file",
+      "url": "https://github.com/containerd/containerd/pull/210",
+      "body": "Move all constants for event types to types.go for easier code\nreadability and maintainance.\n\nSigned-off-by: Zhang Wei zhangwei555@huawei.com\n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-04-19T11:14:09Z",
+      "merged_at": "2016-04-21T17:24:54Z",
+      "author": "WeiZhang555",
+      "labels": []
+    },
+    "212": {
+      "title": "Test containerd restart",
+      "url": "https://github.com/containerd/containerd/pull/212",
+      "body": "",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-04-21T01:09:57Z",
+      "merged_at": "2016-04-21T17:24:31Z",
+      "author": "mlaventure",
+      "labels": []
+    },
+    "214": {
+      "title": "Constant",
+      "url": "https://github.com/containerd/containerd/pull/214",
+      "body": "This patch introduce a file to keep the ctr wide constants.\n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-04-22T07:13:18Z",
+      "merged_at": "2016-04-26T23:46:24Z",
+      "author": "HuKeping",
+      "labels": []
+    },
+    "215": {
+      "title": "Bugfix: ctr container list can not get the proper status of container",
+      "url": "https://github.com/containerd/containerd/pull/215",
+      "body": " Prior to this patch, when list containers by \"ctr containers\" or\n\"ctr containers xxx\", it will not get the proper status of conatinser(s).\n\nfor example:\n\n```\nh00283522@ubuntu:~$ sudo ctr containers\nID                  PATH                                  STATUS              PROCESSES\nhukeping_xxx        /home/h00283522/test_for_containerd   running             init\nhukeping_yyy        /home/h00283522/test_for_containerd   running             init\nh00283522@ubuntu:~$ sudo ctr containers pause hukeping_xxx\nh00283522@ubuntu:~$ \nh00283522@ubuntu:~$ \nh00283522@ubuntu:~$ sudo ctr containers\nID                  PATH                                  STATUS              PROCESSES\nhukeping_xxx        /home/h00283522/test_for_containerd   running             init\nhukeping_yyy        /home/h00283522/test_for_containerd   running             init\n```\n\nThat was caused by the wrong implementation of State() for structure process,\nit only send a signal \"0\" to ping the \"init\" process and do nothing.\n\nSince the OCI/runc has implemented an interface Status(), we can use that.\nAnd I think this is more compatible with the design for containerd:\n- containerd -> runtime -> fun()\n\nThis patch set first introduced an interface to runtime container and then\nreworked the `ctr containers list`\n",
+      "state": "closed",
+      "merged": true,
+      "created_at": "2016-04-22T14:03:28Z",
+      "merged_at": "2016-04-26T20:43:47Z",
+      "author": "HuKeping",
+      "labels": []
+    }
+  },
+  "issues": {}
+}
\ No newline at end of file
diff --git a/reports/containerd_release_v2.2.1_20251218_174025.md b/reports/containerd_release_v2.2.1_20251218_174025.md
new file mode 100644
index 0000000..899d887
--- /dev/null
+++ b/reports/containerd_release_v2.2.1_20251218_174025.md
@@ -0,0 +1,167 @@
+# Containerd 版本发布分析报告
+## containerd 2.2.1 (v2.2.1)
+
+### 📋 版本信息
+- **版本标签：** v2.2.1
+- **版本名称：** containerd 2.2.1
+- **发布时间：** 2025-12-18T17:37:28Z
+- **发布者：** github-actions[bot]
+- **预发布版本：** 否
+- **草稿状态：** 否
+- **GitHub 链接：** https://github.com/containerd/containerd/releases/tag/v2.2.1
+
+### 🔍 分析统计
+- **分析时间：** 2025-12-18 17:40:25
+- **分析的 PR 数量：** 9
+- **分析的 Issue 数量：** 0
+- **重要项目数量：** 1
+
+## 📊 版本概述
+containerd 2.2.1 版本聚焦日志安全增强、运行时稳定性改进和跨平台支持优化，主要包含关键错误修复和依赖项更新
+
+## 🔒 安全问题修复
+1. ⚠️ runc v1.3.4 包含多个 CVE 修复（需参考具体 runc 变更） - **风险级别：** 高 - 建议立即升级
+
+**🚨 安全建议：** 如果您的环境中使用了受影响的功能，建议优先升级到此版本。
+
+## 🐛 重要问题修复
+1. 修复 hugetlb 事件文件解析问题 - [containerd/cgroups#379](https://github.com/containerd/cgroups/pull/379) - **影响：** 避免内存子系统监控数据异常导致资源统计失效
+2. 修复 WithMediaTypeKeyPrefix 可能触发 panic - [PR #12516](https://github.com/containerd/containerd/pull/12516) - **影响：** 防止特定镜像操作场景下进程崩溃
+3. 修复 loop 设备自动清理逻辑 - [PR #12587](https://github.com/containerd/containerd/pull/12587) - **影响：** 避免存储卷卸载后残留无效设备
+
+## 💥 破坏性变更
+1. 🚨 Darwin 平台默认使用 erofs 快照器配置 - [PR #12544](https://github.com/containerd/containerd/pull/12544) - **影响：** macOS 用户需验证镜像兼容性
+
+**⚠️ 升级警告：** 此版本包含破坏性变更，升级前请仔细评估对现有系统的影响。
+
+## ✨ 主要变更
+1. CRI 错误日志全量参数脱敏 - [PR #12546](https://github.com/containerd/containerd/pull/12546) - **影响：** 防止敏感凭证参数（如 registry access token）泄露到日志系统
+2. Darwin 平台镜像默认配置修复 - [PR #12544](https://github.com/containerd/containerd/pull/12544) - **影响：** 解决 macOS 环境镜像拉取失败问题
+3. runc 升级至 v1.3.4 - [PR #12593](https://github.com/containerd/containerd/pull/12593) - **影响：** 集成最新容器运行时安全补丁和功能改进
+
+## 🚀 性能优化
+1. 事件类型常量集中管理优化 - [PR #210](https://github.com/containerd/containerd/pull/210) - **提升：** 增强代码可维护性，降低维护成本
+
+## 🎯 风险评估
+整体风险评估：中低风险。建议在下一个维护窗口期升级，需重点验证：1) macOS 环境镜像操作 2) 内存监控子系统功能 3) 高敏感度环境日志脱敏效果验证
+
+## 📋 升级建议
+1. 立即升级生产环境：尤其是使用 Kubernetes CRI 且依赖日志审计的场景
+2. macOS 开发环境需验证镜像拉取/解压功能
+3. 建议配合 runc v1.3.4 版本同步升级
+4. 检查日志系统中是否遗留敏感参数记录
+
+## 📋 Release 包含的变更
+
+### PR #88: containerd: do not export any symbols
+- **链接：** https://github.com/containerd/containerd/pull/88
+- **状态：** closed
+- **已合并：** 是
+- **作者：** rakyll
+- **变更说明：**
+  **PR #88:** containerd: do not export any symbols
+
+**PR内容:** Following up with #87.
+
+Signed-off-by: Burcu Dogan jbd@google.com
+
+/cc @crosbymichael 
+...
+
+### PR #157: let user to specify the shim name or path
+- **链接：** https://github.com/containerd/containerd/pull/157
+- **状态：** closed
+- **已合并：** 是
+- **作者：** mYmNeo
+- **变更说明：**
+  **PR #157:** let user to specify the shim name or path
+
+**PR内容:** Signed-off-by: mYmNeo mymneo@163.com
+...
+
+### PR #158: Add runtimeArgs to pass to shim
+- **链接：** https://github.com/containerd/containerd/pull/158
+- **状态：** closed
+- **已合并：** 是
+- **作者：** crosbymichael
+- **变更说明：**
+  **PR #158:** Add runtimeArgs to pass to shim
+
+**PR内容:** This allows you to pass options like:
+
+``` bash
+containerd --debug --runtime-args "--debug" --runtime-args
+"--systemd-cgroup"
+```
+
+Signed-off-by: Michael Crosby crosbymichael@gmail.com
+...
+
+### PR #160: Integration test
+- **链接：** https://github.com/containerd/containerd/pull/160
+- **状态：** closed
+- **已合并：** 是
+- **作者：** mlaventure
+- **变更说明：**
+  **PR #160:** Integration test
+
+**PR内容:** This is what I came up with for the integration testing.
+
+@crosbymichael, @icecrime, @tonistiigi, @anusha-ragunathan PTAL
+
+I dropped a few extra fixes in the mix since I needed them for the tests to work or for debugging.
+...
+
+### PR #210: Move event types constants into single file
+- **链接：** https://github.com/containerd/containerd/pull/210
+- **状态：** closed
+- **已合并：** 是
+- **作者：** WeiZhang555
+- **变更说明：**
+  **PR #210:** Move event types constants into single file
+
+**PR内容:** Move all constants for event types to types.go for easier code
+readability and maintainance.
+
+Signed-off-by: Zhang Wei zhangwei555@huawei.com
+...
+
+### PR #212: Test containerd restart
+- **链接：** https://github.com/containerd/containerd/pull/212
+- **状态：** closed
+- **已合并：** 是
+- **作者：** mlaventure
+- **变更说明：**
+  **PR #212:** Test containerd restart
+
+### PR #214: Constant
+- **链接：** https://github.com/containerd/containerd/pull/214
+- **状态：** closed
+- **已合并：** 是
+- **作者：** HuKeping
+- **变更说明：**
+  **PR #214:** Constant
+
+**PR内容:** This patch introduce a file to keep the ctr wide constants.
+...
+
+### PR #215: Bugfix: ctr container list can not get the proper status of container
+- **链接：** https://github.com/containerd/containerd/pull/215
+- **状态：** closed
+- **已合并：** 是
+- **作者：** HuKeping
+- **变更说明：**
+  **PR #215:** Bugfix: ctr container list can not get the proper status of container
+
+**PR内容:**  Prior to this patch, when list containers by "ctr containers" or
+"ctr containers xxx", it will not get the proper status of conatinser(s).
+
+for example:
+
+```
+h00283522@ubuntu:~$ sudo ctr containers
+ID                  PATH                                  STATUS              PROCESSES
+hukeping_xxx    ...
+
+---
+*本报告由 Containerd Release Tracker 自动生成*
\ No newline at end of file