Commit Graph

142 Commits

Author SHA1 Message Date
Sebastiaan van Stijn 722cde068f
vendor: golang.org/x/sys v0.2.0
full diff: https://github.com/golang/sys/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-17 11:01:16 +01:00
Sebastiaan van Stijn 633ef7a093
vendor: golang.org/x/crypto v0.1.0 (fix OpenSSL > 9.3 compatibility)
- fixes compatibility with OpenSSH >= 8.9 (https://github.com/moby/buildkit/issues/3273)
- relates to https://github.com/golang/go/issues/51689#issuecomment-1197085791

full diff: https://github.com/golang/crypto/compare/3147a52a75dd...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-16 16:05:32 +01:00
Sebastiaan van Stijn 880b7fc671
vendor: golang.org/x/net v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: https://github.com/golang/net/compare/f3363e06e74c...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-16 16:02:41 +01:00
Sebastiaan van Stijn 0f568cfa97
vendor: golang.org/x/text v0.4.0
full diff: https://github.com/golang/text/compare/v0.3.7...v0.4.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-16 16:00:18 +01:00
Sebastiaan van Stijn 63ea1e4242
vendor: golang.org/x/term v0.1.0
full diff: https://github.com/golang/term/compare/03fcf44c2211...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-16 15:58:54 +01:00
Sebastiaan van Stijn 57b6ed34cc
vendor: golang.org/x/time v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: https://github.com/golang/time/compare/1f47c861a9ac...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-16 15:53:35 +01:00
Sebastiaan van Stijn 7b3900145e
vendor: golang.org/x/sys v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: c680a09ffe...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-16 15:48:59 +01:00
Sebastiaan van Stijn 46ba87dcf1
vendor: github.com/google/go-cmp v0.5.9 to remove golang.org/x/xerrors
full diff: https://github.com/google/go-cmp/compare/v0.5.7...v0.5.9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-05 23:24:04 +01:00
Sebastiaan van Stijn fc7e831a6a
vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c
Update to the latest version that contains a fix for CVE-2022-27664;
f3363e06e7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-09-06 23:14:47 +02:00
Sebastiaan van Stijn eaf6461ee6
vendor: golang.org/x/sys v0.0.0-20220825204002-c680a09ffe64
full diff: 3c1f35247d...c680a09ffe

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-29 15:58:05 +02:00
Sebastiaan van Stijn 649aa6175b
vendor: golang.org/x/sys v0.0.0-20220728004956-3c1f35247d10
full diff: bc2c85ada1...3c1f35247d

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-08-20 17:04:20 +02:00
Sebastiaan van Stijn 65d45664b1
vendor: golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a
full diff: 33da011f77...bc2c85ada1

notable changes;

- unix: use ByteSliceFromString in (*Ifreq).Name
- unix: update openbsd Statfs_t fields

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-07-21 17:32:13 +02:00
Sebastiaan van Stijn 05279c7c6a
vendor: golang.org/x/sys v0.0.0-20220412211240-33da011f77ad
Includes fixes for:

- CVE-2022-29526 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526);
  (description at https://go.dev/issue/52313).

full diff: 1e041c57c4...33da011f77

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-05-11 14:33:05 +02:00
Sebastiaan van Stijn acf6aee911
vendor: golang.org/x/sys v0.0.0-20220405210540-1e041c57c461
full diff: da31bd327a...1e041c57c4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-04-30 12:01:42 +02:00
Sebastiaan van Stijn f3a05eb800
vendor dependencies with go1.17
Some warnings about go1.16 compatibility, so including them here:

     + go mod tidy -modfile=vendor.mod
     github.com/docker/cli/cli/registry/client imports
           github.com/docker/distribution/registry/api/v2 imports
           github.com/gorilla/mux loaded from github.com/gorilla/mux@v1.7.0,
        but go 1.16 would select v1.8.0
     github.com/docker/cli/cli/compose/loader imports
        gopkg.in/yaml.v2 tested by
        gopkg.in/yaml.v2.test imports
        gopkg.in/check.v1 loaded from gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f,
        but go 1.16 would select v1.0.0-20201130134442-10cb98267c6c
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server imports
        github.com/theupdateframework/notary/utils imports
        github.com/Shopify/logrus-bugsnag loaded from github.com/Shopify/logrus-bugsnag@v0.0.0-20170309145241-6dbc35f2c30d,
        but go 1.16 would select v0.0.0-20171204204709-577dee27f20d
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server/storage imports
        gopkg.in/rethinkdb/rethinkdb-go.v6 imports
        github.com/opentracing/opentracing-go loaded from github.com/opentracing/opentracing-go@v1.1.0,
        but go 1.16 would select v1.2.0
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server/storage imports
        gopkg.in/rethinkdb/rethinkdb-go.v6 imports
        github.com/opentracing/opentracing-go/ext loaded from github.com/opentracing/opentracing-go@v1.1.0,
        but go 1.16 would select v1.2.0
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server/storage imports
        gopkg.in/rethinkdb/rethinkdb-go.v6 imports
        github.com/opentracing/opentracing-go/log loaded from github.com/opentracing/opentracing-go@v1.1.0,
        but go 1.16 would select v1.2.0
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server imports
        github.com/theupdateframework/notary/utils imports
        github.com/spf13/viper imports
        github.com/spf13/afero loaded from github.com/spf13/afero@v1.1.2,
        but go 1.16 would select v1.2.2
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server imports
        github.com/theupdateframework/notary/utils imports
        github.com/spf13/viper imports
        github.com/spf13/cast loaded from github.com/spf13/cast@v1.3.0,
        but go 1.16 would select v1.3.1
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server imports
        github.com/theupdateframework/notary/utils imports
        github.com/spf13/viper imports
        github.com/spf13/jwalterweatherman loaded from github.com/spf13/jwalterweatherman@v1.0.0,
        but go 1.16 would select v1.1.0
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server imports
        github.com/theupdateframework/notary/utils imports
        github.com/spf13/viper imports
        gopkg.in/ini.v1 loaded from gopkg.in/ini.v1@v1.51.0,
        but go 1.16 would select v1.56.0
     github.com/docker/cli/cli/command imports
        github.com/theupdateframework/notary/client tested by
        github.com/theupdateframework/notary/client.test imports
        github.com/theupdateframework/notary/server imports
        github.com/theupdateframework/notary/utils imports
        github.com/spf13/viper imports
        github.com/spf13/afero imports
        github.com/spf13/afero/mem loaded from github.com/spf13/afero@v1.1.2,
        but go 1.16 would select v1.2.2

     To upgrade to the versions selected by go 1.16:
        go mod tidy -go=1.16 && go mod tidy -go=1.17
     If reproducibility with go 1.16 is not needed:
        go mod tidy -compat=1.17
     For other options, see:
        https://golang.org/doc/modules/pruning

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-26 19:48:14 +01:00
Sebastiaan van Stijn bc2c8d7599
vendor: golang.org/x/crypto v0.0.0-20220315160706-3147a52a75dd
full diff: 5770296d90...3147a52a75

This version contains a fix for CVE-2022-27191 (not sure if it affects us).

From the golang mailing list:

    Hello gophers,

    Version v0.0.0-20220315160706-3147a52a75dd of golang.org/x/crypto/ssh implements
    client authentication support for signature algorithms based on SHA-2 for use with
    existing RSA keys.

    Previously, a client would fail to authenticate with RSA keys to servers that
    reject signature algorithms based on SHA-1. This includes OpenSSH 8.8 by default
    and—starting today March 15, 2022 for recently uploaded keys.

    We are providing this announcement as the error (“ssh: unable to authenticate”)
    might otherwise be difficult to troubleshoot.

    Version v0.0.0-20220314234659-1baeb1ce4c0b (included in the version above) also
    fixes a potential security issue where an attacker could cause a crash in a
    golang.org/x/crypto/ssh server under these conditions:

    - The server has been configured by passing a Signer to ServerConfig.AddHostKey.
    - The Signer passed to AddHostKey does not also implement AlgorithmSigner.
    - The Signer passed to AddHostKey does return a key of type “ssh-rsa” from its PublicKey method.

    Servers that only use Signer implementations provided by the ssh package are
    unaffected. This is CVE-2022-27191.

    Alla prossima,

    Filippo for the Go Security team

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-17 14:03:33 +01:00
Sebastiaan van Stijn 02a06cf9aa
vendor: golang.org/x/time v0.0.0-20210723032227-1f47c861a9ac
intermediate bump for easier review

full diff: 3af7569d3a...1f47c861a9

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-16 15:25:40 +01:00
Sebastiaan van Stijn bc54802f5e
vendor: golang.org/x/term v0.0.0-20210615171337-6886f2dfbf5b
full diff: 7de9c90e9d...6886f2dfbf

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-16 15:24:03 +01:00
Sebastiaan van Stijn 1bb2591444
vendor: golang.org/x/net v0.0.0-20211216030914-fe4d6282115f
intermediate bump for easier review

full diff: e18ecbb051...fe4d628211

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-16 15:21:39 +01:00
Sebastiaan van Stijn 576e4dce44
vendor: golang.org/x/text v0.3.7
full diff: https://github.com/golang/text/compare/v0.3.4...v0.3.7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-09 18:17:13 +01:00
Sebastiaan van Stijn 7880acb052
vendor: golang.org/x/sys v0.0.0-20220114195835-da31bd327af9
full diff: 69cdffdb93...da31bd327a

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-09 18:17:12 +01:00
Sebastiaan van Stijn 58747a6316
vendor: github.com/google/go-cmp v0.5.5
it was downgraded to v0.2.0, but should be safe to upgrade

full diff: https://github.com/google/go-cmp/compare/v0.2.0...v0.5.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 16:34:33 +01:00
Sebastiaan van Stijn a26de1de0f
vendor: golang.org/x/text v0.3.4
remove the replace rule to update it to the actual version specified:

full diff: https://github.com/golang/text/compare/v0.3.3...v0.3.4

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 15:40:16 +01:00
Sebastiaan van Stijn 7917946a5c
vendor: golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1
remove the replace rule to use the actual version (no changes in vendored code)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 15:37:48 +01:00
Sebastiaan van Stijn 109cc4ea4f
vendor: golang.org/x/sys v0.0.0-20211025201205-69cdffdb9359
remove the replace rule to update it to the actual version specified:

full diff: 63515b42dc...69cdffdb93

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-03-01 15:35:55 +01:00
Nicolas De Loof 7b9580df51 Drop support for (archived) Compose-on-Kubernetes
Signed-off-by: Nicolas De Loof <nicolas.deloof@gmail.com>
2022-02-22 13:47:34 +01:00
CrazyMax 6fef143dbc
Set buildx as default builder
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2022-02-03 10:38:05 +01:00
CrazyMax 7e560ae76f
vendor with go mod
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2021-12-16 21:16:01 +01:00
Sebastiaan van Stijn 61a1775adb
vendor: golang.org/x/sys 63515b42dcdf9544f4e6a02fd7632793fde2f72d (for Go 1.17)
Go 1.17 requires golang.org/x/sys a76c4d0a0096537dc565908b53073460d96c8539 (May 8,
2021) or later, see https://github.com/golang/go/issues/45702. While this seems
to affect macOS only, let's update to the latest version.

full diff: d19ff857e8...63515b42dc

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-08-23 18:10:31 +02:00
Sebastiaan van Stijn 6d25af0cd7
vendor: golang.org/x/time 3af7569d3a1e776fc2a3c1cec133b43105ea9c2e
full diff: 555d28b269...3af7569d3a

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-21 14:29:38 +02:00
Sebastiaan van Stijn 8ebe404dfc
vendor: golang.org/x/sys d19ff857e887eacb631721f188c7d365c2331456
full diff: 134d130e1a...d19ff857e8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-21 14:29:34 +02:00
Sebastiaan van Stijn af1687406b
vendor: golang.org/x/sync 036812b2e83c0ddf193dd5a34e034151da389d09
full diff: cd5d95a43a...036812b2e8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-21 14:29:32 +02:00
Sebastiaan van Stijn dea9976143
vendor: golang.org/x/net e18ecbb051101a46fc263334b127c89bc7bff7ea
full diff: ab34263943...e18ecbb051

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-21 14:29:30 +02:00
Sebastiaan van Stijn 716291337b
vendor: golang.org/x/crypto 0c34fe9e7dc2486962ef9867e3edb3503537209f
full diff: c1f2f97bff...0c34fe9e7d

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2021-06-21 14:29:28 +02:00
Tonis Tiigi e50cf79579 vendor: update x/sys to 134d130e
Makes possible to build for windows/arm64

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2021-03-03 23:32:34 -08:00
Tibor Vass 7bef248765 vendor docker, docker-credential-helpers and golang/sys for execabs package
Signed-off-by: Tibor Vass <tibor@docker.com>
2021-01-26 17:18:04 +00:00
Sebastiaan van Stijn 9a0a071d55 vendor: buildkit v0.8.0-rc2, docker
diffs:

- full diff: af34b94a78...6c0a036dce
- full diff: 4d1f260e84...v0.8.0-rc2

New dependencies:

- go.opencensus.io v0.22.3
- github.com/containerd/typeurl v1.0.1
- github.com/golang/groupcache 869f871628b6baa9cfbc11732cdf6546b17c1298

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-02 21:01:12 +00:00
Sebastiaan van Stijn 0e96d92567 vendor: golang.org/x/crypto c1f2f97bffc9c53fc40a1a28a5b460094c0050d9
full diff: 75b288015a...c1f2f97bff

relevant changes:

- pkcs12: document that we use the wrong PEM type
- pkcs12: drop PKCS#12 attributes with unknown OIDs
- ocsp: Improve documentation for ParseResponse and ParseResponseForCert

other changes (not in vendor);

- ssh: improve error message for KeyboardInteractiveChallenge
- ssh: remove slow unnecessary diffie-hellman-group-exchange primality check
- ssh/terminal: replace with a golang.org/x/term wrapper
    - Deprecates ssh/terminal in favor of golang.org/x/term
- ssh/terminal: add support for zos
- ssh/terminal: bump x/term dependency to fix js/nacl
- nacl/auth: use Size instead of KeySize for Sum output
- sha3: remove go:nocheckptr annotation

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-12-02 21:01:12 +00:00
Sebastiaan van Stijn 32d8f358df
vendor: github.com/moby/term 7f0af18e79f2784809e9cef63d0df5aa2c79d76e
full diff: 73f35e472e...7f0af18e79

- update gotest.tools to v3
- Use unix.Ioctl{Get,Set}Termios on all unix platforms
- Make Termios type alias, remove casts

vendor: golang.org/x/sys eeed37f84f13f52d35e095e8023ba65671ff86a1

ed371f2e16...eeed37f84f

- all: add GOOS=ios
- unix: add back IoctlCtlInfo on darwin
- windows: add SetConsoleCursorPosition
- unix: update Dockerfile to Linux 5.9 and Go 1.15.2 (adds `CAP_CHECKPOINT_RESTORE`)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-11-03 17:40:01 +01:00
Sebastiaan van Stijn dbe2f594ed
vendor: golang.org/x/sys ed371f2e16b4b305ee99df548828de367527b76b
full diff: 85ca7c5b95...ed371f2e16

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-09 14:07:54 +02:00
Sebastiaan van Stijn e70e756053
vendor golang.org/x/net v0.0.0-20200707034311-ab3426394381
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-09 14:07:52 +02:00
Sebastiaan van Stijn 1c3a97b0ff
vendor golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-09-09 14:07:50 +02:00
Sebastiaan van Stijn 668aea3f13
vendor: golang.org/x/text v0.3.3
full diff: https://github.com/golang/text/compare/v0.3.2...v0.3.3

includes a fix for [CVE-2020-14040][1]

[1]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14040

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-06-17 13:22:37 +02:00
Sebastiaan van Stijn d10e2b9a6d
vendor: golang.org/x/sys 85ca7c5b95cdf1e557abb38a283d1e61a5959c31
full diff: d5e6a3e2c0...85ca7c5b95

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-09 17:26:23 +02:00
Sebastiaan van Stijn edf70dc308
vendor: golang.org/x/oauth2 bf48bf16ab8d622ce64ec6ce98d2c98f916b6303
full diff: ef147856a6...bf48bf16ab

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-22 17:19:04 +02:00
Sebastiaan van Stijn 9a41e375b5
vendor: golang.org/x/time 555d28b269f0569763d25dbe1a237ae74c6bcc82
full diff: fbb02b2291...555d28b269

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-22 17:19:02 +02:00
Sebastiaan van Stijn 37d184fe16
vendor: golang.org/x/crypto 2aa609cf4a9d7d1126360de73b55b6002f9e052a
full diff: bac4c82f69...2aa609cf4a

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-22 17:19:00 +02:00
Sebastiaan van Stijn 7b9012ddde
vendor: golang.org/x/sys d5e6a3e2c0ae16fc7480523ebcb7fd4dd3215489
full diff: 6d18c012ae...d5e6a3e2c0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-22 17:18:56 +02:00
Sebastiaan van Stijn 3aab460ee1
vendor: golang.org/x/net 0de0cce0169b09b364e001f108dc0399ea8630b3
full diff: f3200d17e0...0de0cce016

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-22 17:18:55 +02:00
Sebastiaan van Stijn e32fe12ae3
vendor: golang.org/x/text v0.3.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-22 17:18:53 +02:00
Sebastiaan van Stijn 0dc9d17a2e
vendor: github.com/moby/buildkit ae7ff7174f73bcb4df89b97e1623b3fb0bfb0a0c
full diff: 4f4e030675...ae7ff7174f

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-22 17:18:42 +02:00
Sebastiaan van Stijn 1edb10fe30
vendor: bump golang.org/x/crypto bac4c82f6975 (CVE-2020-9283)
full diff: 1d94cc7ab1...bac4c82f69

Version v0.0.0-20200220183623-bac4c82f6975 of golang.org/x/crypto fixes a
vulnerability in the golang.org/x/crypto/ssh package which allowed peers to
cause a panic in SSH servers that accept public keys and in any SSH client.

An attacker can craft an ssh-ed25519 or sk-ssh-ed25519@openssh.com public
key, such that the library will panic when trying to verify a signature
with it. Clients can deliver such a public key and signature to any
golang.org/x/crypto/ssh server with a PublicKeyCallback, and servers can
deliver them to any golang.org/x/crypto/ssh client.

This issue was discovered and reported by Alex Gaynor, Fish in a Barrel,
and is tracked as CVE-2020-9283.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-20 21:20:47 +01:00
Sebastiaan van Stijn c485dab603
vendor: golang.org/x/crypto 1d94cc7ab1c630336ab82ccb9c9cda72a875c382
full diff: 69ecbb4d6d...1d94cc7ab1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-19 12:37:32 +01:00
Sebastiaan van Stijn 27d9aa2d9f
vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1 (CVE-2020-7919)
Includes 69ecbb4d6d
(forward-port of 8b5121be2f),
which fixes CVE-2020-7919:

- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-29 11:25:09 +01:00
Sebastiaan van Stijn 268cc5df24
vendor: bump golang.org/x/sys 6d18c012aee9febd81bbf9806760c8c4480e870d
full diff: 9eafafc0a8...6d18c012ae

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-07 10:26:26 +01:00
CarlosEDP 778052b066 bump x/sys to fix riscv64 epoll
Signed-off-by: CarlosEDP <me@carlosedp.com>
2019-08-12 13:13:08 -03:00
Tonis Tiigi 668a9ff8ef vendor: update net and sys
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-06-02 00:39:23 -07:00
Sebastiaan van Stijn 909b85460c
bump LK4D4/vndr v0.0.3 and revendor
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-05-14 16:13:27 -07:00
Sebastiaan van Stijn 51de9a883a
bump golang.org/x/crypto 88737f569e3a9c7ab309cdc09a07fe7fc87233c3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-05-13 21:49:19 -07:00
Sebastiaan van Stijn c30e94533c
bump golang.org/x/sys 4b34438f7a67ee5f45cc6132e2bad873a20324e9
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-13 03:09:42 +02:00
Sebastiaan van Stijn 767fafdb32
bump golang.org/x/sync e225da77a7e68af35c70ccbf71af2b83e6acac3c
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-13 03:09:36 +02:00
Sebastiaan van Stijn b6cee4567c
bump golang.org/x/net eb5bcb51f2a31c7d5141d810b70815c05d9c9146
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-13 03:09:33 +02:00
Sebastiaan van Stijn 34806a8b4c
bump golang.org/x/crypto 38d8ce5564a5b71b2e3a00553993f1b9a7ae852f
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-04-13 03:09:30 +02:00
Tibor Vass 45ec86b10f vendor github.com/docker/docker to bcaa613d823
Signed-off-by: Tibor Vass <tibor@docker.com>
2019-04-03 20:57:18 +00:00
Sebastiaan van Stijn aaffb71746
vendor golang.org/x/sync 42b317875d0fa942474b76e1b46a6060d720ae6e
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:22:03 +01:00
Sebastiaan van Stijn e06dedf365
bump containerd, runc and dependencies
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:22:00 +01:00
Sebastiaan van Stijn 5ccaaef8c1
vendor golang.org/x/sys d455e41777fca6e8a5a79e34a14b8368bc11d9ba
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-19 22:21:54 +01:00
Sebastiaan van Stijn 05fd2a87dc
Update containerd 1.2.4 and dependencies
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-03-02 13:44:57 +01:00
Jérémie Drouet 8a634aa578 alias kubernetes api to compose-on-kubernetes implementation
Signed-off-by: Jérémie Drouet <jeremie.drouet@gmail.com>
2018-12-28 15:49:17 +01:00
Akihiro Suda db7399a016 build: add SSH agent socket forwarder (`docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK`)
Unlike `docker build --secret`, `docker build --ssh` allows the build container to
use SSH keys with passphrases.

  $ eval $(ssh-agent)
  $ ssh-add ~/.ssh/id_rsa
  (Input your passphrase here)
  $ docker build --ssh default=$SSH_AUTH_SOCK ...

This feature requires the daemon with `CapExecMountSSH` build capability (moby/moby#37973) .

Currently, the official Dockerfile frontend does not provide the syntax for using the SSH forwarder.

However, the experimental `RUN --mount=type=ssh` syntax can be enabled by using
the Dockerfile frontend image built with the `BUILDTAGS="dfrunmount dfssh"`, via the `# syntax =` "shebang".

The Dockerfile for the Dockerfile frontend is available at  github.com/moby/buildkit/frontend/dockerfile/cmd/dockerfile-frontend)
The pre-built image is also available as `tonistiigi/dockerfile:ssh20181002` .

An example Dockerfile with `RUN --mount=type=ssh`:

  # syntax = tonistiigi/dockerfile:ssh20181002
  FROM alpine
  RUN apk add --no-cache openssh-client
  RUN mkdir -p -m 0700 ~/.ssh && ssh-keyscan gitlab.com >> ~/.ssh/known_hosts
  RUN --mount=type=ssh ssh git@gitlab.com | tee /hello
  # "Welcome to GitLab, @GITLAB_USERNAME_ASSOCIATED_WITH_SSHKEY" should be printed here

More info available at moby/buildkit#608, moby/buildkit#655

Signed-off-by: Akihiro Suda <suda.akihiro@lab.ntt.co.jp>
2018-10-05 19:56:32 +09:00
Vincent Demeester 8788a4804f
Bump some dependencies to more recent versions (and tagged if available)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-07-25 14:16:41 +02:00
Vincent Demeester c8f0e211b9
Bump kubernetes dependencies to 1.11
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-07-25 11:34:59 +02:00
Vincent Demeester b1065767cd
Bump moby version (and its dependencies)
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-06-08 11:26:10 +02:00
Vincent Demeester 08d6c18570
Update vndr commit to latest
Some fixes and it also preserves directories with *.c files now.

See a6e196d8b4...1fc68ee0c8

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2018-05-24 09:39:22 +02:00
Mathieu Champlon 5d54584f03 Bump moby to d37f5c6bdf788a6cb82c07fb707e31a240eff5f9
Also bringing:
. golang.org/x/net 5561cd9b4330353950f399814f427425c0a26fd2
. github.com/docker/distribution 83389a148052d74ac602f5f1d62f86ff2f3c4aa5
. github.com/docker/swarmkit bd69f6e8e301645afd344913fa1ede53a0a111fb
. github.com/docker/go-metrics d466d4f6fd960e01820085bd7e1a24426ee7ef18
. github.com/prometheus/client_golang 52437c81da6b127a9925d17eb3a382a2e5fd395e
. github.com/beorn7/perks 4c0e84591b9aa9e6dcfdf3e020114cd81f89d5f9
. github.com/prometheus/client_model fa8ad6fec33561be4280a8f0514318c79d7f6cb6
. github.com/prometheus/common ebdfc6da46522d58825777cf1f90490a5b1ef1d8
. github.com/prometheus/procfs abf152e5f3e97f2fafac028d2cc06c1feb87ffa5
. github.com/matttproud/golang_protobuf_extensions v1.0.0

Signed-off-by: Mathieu Champlon <mathieu.champlon@docker.com>
2018-05-18 11:44:14 +02:00
Sebastiaan van Stijn b17215c456
Bump moby to ae7016427f8cba4e4d8fcb979d6ba313ee2c0702
Bring in:

- moby 36517 ensure hijackedConn implements CloseWrite function
- moby 36489 (fixes `errdefs.ErrSystem` interface)
- moby 36506 pkg/mount: use sort.Slice
- moby 36451 Windows: Report Version and UBR

Also update moby dependencies to keep them in sync

- golang.org/x/sync (no code changes)
- Bump runc to 4fc53a81fb7c994640722ac585fa9ca548971871
- Bump swarmkit to 49a9d7f6ba3c1925262641e694c18eb43575f74b

no local code changes

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-03-15 01:51:31 +01:00
Sebastiaan van Stijn d9f5fa8124
update golang.org/x/sys for OpenBSD
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-02-20 17:40:06 +01:00
Vincent Demeester 12c0825a4c Update golang.org/x/net to not panic
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-12-28 14:40:09 +01:00
Vincent Demeester 61713c42a4 Update vendoring
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-12-26 11:45:56 +01:00
Vincent Demeester 1ff277ad8f Fix some build failures
Signed-off-by: Vincent Demeester <vincent@sbr.pm>
2017-12-26 11:22:32 +01:00
Vincent Demeester 8417e49792 Add support for kubernetes in docker cli
- Add support for kubernetes for docker stack command
- Update to go 1.9
- Add kubernetes to vendors
- Print orchestrator in docker version command

Signed-off-by: Vincent Demeester <vincent@sbr.pm>
Signed-off-by: Silvin Lubecki <silvin.lubecki@docker.com>
2017-12-26 11:22:32 +01:00
Sebastiaan van Stijn 5735fff6fc
Bump moby to f4d4f5863156b82ef146b6ff1e845f8dcf019f12
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-11-08 17:50:58 +01:00
Chao Wang 926b20fcb5 Refactor stringutils and fix docker search output form when the description has CJK character
Signed-off-by: Chao Wang <wangchao.fnst@cn.fujitsu.com>
2017-10-27 11:15:10 +08:00
Sebastiaan van Stijn e3b7700fb9
revendor logrus and x/crypto
updates to the same version as is currently used
on moby/moby; this bump contains fixes for ppc64le.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-09-29 15:32:42 +02:00
Riyaz Faizullabhoy fb1cbaeb66 vendor: upgrade notary version for docker trust
Signed-off-by: Riyaz Faizullabhoy <riyaz.faizullabhoy@docker.com>
2017-09-25 09:34:52 -07:00
Andrew Hsu 50696bbf72 vndr golang.org/x/sys to 07c1829
To satisfy requirements of the vndr of docker/docker

Signed-off-by: Andrew Hsu <andrewhsu@docker.com>
2017-09-12 12:11:18 -07:00
Simon Ferquel a0113c3a44 updated vendoring
Signed-off-by: Simon Ferquel <simon.ferquel@docker.com>
2017-09-01 19:41:06 -04:00
Vincent Demeester 472ce90624 Merge pull request #291 from thaJeztah/bump-swarmkit
Bump swarmkit and dependencies to 79381d0840be27f8b3f5c667b348a4467d866eeb
2017-07-21 11:07:38 +02:00
Sebastiaan van Stijn 3e3c9d69d8
Revendor dependencies
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-10 10:56:42 -07:00
Sebastiaan van Stijn 679ae70241
bump golang.org/x/net to 7dcfb8076726a3fdd9353b6b8a1f1b6be6811bd6
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-07-03 17:40:41 -07:00
Tonis Tiigi 4adf701567 vendor: update moby
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2017-06-23 11:34:22 -07:00
Daniel Nephin 6686ada6a4 Add vendor
Signed-off-by: Daniel Nephin <dnephin@docker.com>
2017-04-17 18:12:58 -04:00