Paweł Gronowski
fdb48a0664
vendor: github.com/docker/docker v26.0.0
...
no changes in vendored files
full diff: https://github.com/docker/docker/compare/8b79278316b5...v26.0.0
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-22 11:41:42 +01:00
Paweł Gronowski
69575f6175
vendor: github.com/docker/docker 8b79278316b5 (master)
...
no changes in vendored files
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-20 15:45:19 +01:00
Paweł Gronowski
b70a26deaf
vendor: github.com/docker/docker 330d777c53fb (v26.0.0-rc3-dev)
...
full diff: 70e46f2c7c...330d777c53
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-19 14:31:41 +01:00
Sebastiaan van Stijn
38c3ff67aa
vendor: github.com/docker/docker 70e46f2c7c2d (v26.0.0-rc3-dev)
...
full diff: https://github.com/docker/docker/compare/v26.0.0-rc2...70e46f2c7c2df8d8cc483d9831a907b12efa201b
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-03-16 16:53:20 +01:00
Sebastiaan van Stijn
a4a79d75c0
vendor: google.golang.org/protobuf v1.33.0, github.com/golang/protobuf v1.5.4
...
full diffs:
- https://github.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.33.0
- https://github.com/golang/protobuf/compare/v1.5.3...v1.5.4
From the Go security announcement list;
> Version v1.33.0 of the google.golang.org/protobuf module fixes a bug in
> the google.golang.org/protobuf/encoding/protojson package which could cause
> the Unmarshal function to enter an infinite loop when handling some invalid
> inputs.
>
> This condition could only occur when unmarshaling into a message which contains
> a google.protobuf.Any value, or when the UnmarshalOptions.UnmarshalUnknown
> option is set. Unmarshal now correctly returns an error when handling these
> inputs.
>
> This is CVE-2024-24786.
In a follow-up post;
> A small correction: This vulnerability applies when the UnmarshalOptions.DiscardUnknown
> option is set (as well as when unmarshaling into any message which contains a
> google.protobuf.Any). There is no UnmarshalUnknown option.
>
> In addition, version 1.33.0 of google.golang.org/protobuf inadvertently
> introduced an incompatibility with the older github.com/golang/protobuf
> module. (https://github.com/golang/protobuf/issues/1596 ) Users of the older
> module should update to github.com/golang/protobuf@v1.5.4.
govulncheck results in our code shows that this does not affect the CLI:
govulncheck ./...
Scanning your code and 448 packages across 72 dependent modules for known vulnerabilities...
=== Symbol Results ===
No vulnerabilities found.
Your code is affected by 0 vulnerabilities.
This scan also found 1 vulnerability in packages you import and 0
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-03-16 16:41:42 +01:00
Sebastiaan van Stijn
115c8d56e5
vendor: github.com/containerd/containerd v1.7.14
...
no changes in vendored files, but now requires go1.21
full diff: https://github.com/containerd/containerd/compare/v1.7.13...v1.7.14
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-03-16 16:41:38 +01:00
Paweł Gronowski
645b973521
vendor: github.com/docker/docker v26.0.0-rc2
...
full diff: https://github.com/docker/docker/compare/f4c696eef17d...v26.0.0-rc2
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-08 17:10:05 +01:00
Paweł Gronowski
a8379092af
vendor: github.com/docker/docker f4c696eef17d62a42
...
full diff: https://github.com/docker/docker/compare/v26.0.0-rc1+incompatible...f4c696eef17d62a421877d95c4810185750c5641
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-07 19:13:04 +01:00
Paweł Gronowski
5e80232398
vendor: github.com/docker/docker v26.0.0-rc1
...
full diff: https://github.com/docker/docker/compare/c70d7905fbd9...v26.0.0-rc1
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
test: update fixtures
Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>
2024-03-01 18:23:25 +01:00
Sebastiaan van Stijn
acc675014f
vendor: github.com/docker/docker c70d7905fbd9 (v26.0.0-dev)
...
full diff: 86b86412a1...c70d7905fb
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:54:20 +01:00
Sebastiaan van Stijn
79541b7e21
vendor: google.golang.org/grpc v1.59.0
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:53:12 +01:00
Sebastiaan van Stijn
096ced0894
vendor: OTEL v0.46.1 / v1.21.0
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:50:23 +01:00
Sebastiaan van Stijn
f3c77df31e
vendor: github.com/prometheus/client_golang v1.17.0
...
full diffs:
- https://github.com/prometheus/client_golang/compare/v1.14.0...v1.17.0
- https://github.com/prometheus/client_model/compare/v0.3.0...v0.5.0
- https://github.com/prometheus/common/compare/v0.42.0...v0.44.0
- https://github.com/prometheus/procfs/compare/v0.9.0...v0.12.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:45:07 +01:00
Sebastiaan van Stijn
1b42d04d63
vendor: github.com/go-logr/logr v1.3.0
...
full diff: https://github.com/go-logr/logr/compare/v1.2.4...v1.3.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:39:47 +01:00
Sebastiaan van Stijn
f5a29ff8eb
vendor: github.com/containerd/containerd v1.7.13
...
no changes in vendored files
full diff: https://github.com/containerd/containerd/compare/v1.7.12...v1.7.13
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:36:46 +01:00
Sebastiaan van Stijn
df6220d434
vendor: github.com/docker/docker 86b86412a1b7 (v26.0-dev)
...
full diff: 9e075f3808...86b86412a1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-10 12:26:39 +01:00
Sebastiaan van Stijn
324309b086
vendor: github.com/docker/docker 9e075f3808a5 (master, v26.0.0-dev)
...
Vendor docker/docker with API < 1.24 removed. This should not affect client
code.
43ffb1ee9d..9e075f3808
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-07 02:27:53 +01:00
Sebastiaan van Stijn
93ad9fbdf6
vendor: github.com/moby/swarmkit/v2 v2.0.0-20240125134710-dcda100a8261
...
full diff: f082dd7a0c...dcda100a82
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-07 02:23:51 +01:00
Paweł Gronowski
68dac842a1
vendor: github.com/docker/docker 43ffb1ee9d5a (v26.0.0-dev)
...
full diff: https://github.com/docker/docker/compare/v25.0.0...43ffb1ee9d5a
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-01-24 14:59:08 +01:00
Sebastiaan van Stijn
4b1ed1f442
vendor: github.com/docker/docker v25.0.1
...
relevant changes:
- Fix isGitURL regular expression
- pkg/system: return even richer xattr errors
full diff: https://github.com/moby/moby/compare/v25.0.0...v25.0.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-24 12:17:20 +01:00
Sebastiaan van Stijn
337dd82d8b
vendor: github.com/docker/docker v25.0.0
...
full diff: https://github.com/docker/docker/compare/v25.0.0-rc.3...v25.0.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-19 15:03:52 +01:00
Sebastiaan van Stijn
cdb1c105f6
vendor: github.com/docker/docker v25.0.0-rc.3
...
full diff: https://github.com/moby/moby/compare/v25.0.0-rc.2...v25.0.0-rc.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-17 23:28:28 +01:00
Sebastiaan van Stijn
21c2536051
vendor: golang.org/x/sys v0.16.0
...
full diff: https://github.com/golang/sys/compare/v0.15.0...v0.16.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-15 12:01:27 +01:00
Sebastiaan van Stijn
d868dca00f
vendor: github.com/docker/docker v25.0.0-rc.2
...
- feat: make errdefs.IsXXX helper functions work with wrapped errors
full diff: https://github.com/moby/moby/compare/v25.0.0-rc.1...v25.0.0-rc.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-13 02:08:29 +01:00
Sebastiaan van Stijn
8b6ffbdf77
vendor: github.com/containerd/containerd v1.7.12
...
- full diff: https://github.com/containerd/containerd/compare/v1.7.11...v1.7.12
- release notes: https://github.com/containerd/containerd/releases/tag/v1.7.12
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-12 19:31:12 +01:00
Sebastiaan van Stijn
a5e5563f13
vendor: github.com/docker/docker-credential-helpers v0.8.1
...
full diff: https://github.com/docker/docker-credential-helpers/compare/v0.8.0...v0.8.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-10 22:35:03 +01:00
Sebastiaan van Stijn
9db56ea2f6
vendor: golang.org/x/tools v0.16.0, golang.org/x/mod v0.14.0
...
removes dependency on golang.org/x/sys/execabs
full diff:
- https://github.com/golang/tools/compare/v0.10.0...v0.16.0
- https://github.com/golang/mod/compare/v0.11.0...v0.14.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 11:02:26 +01:00
Sebastiaan van Stijn
efae960e5a
vendor: golang.org/x/net v0.19.0
...
drops various code to support go1.17 and older
full diff: https://golang.org/x/net/compare/v0.17.0...v0.19.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:55:39 +01:00
Sebastiaan van Stijn
996cce9098
vendor: golang.org/x/sync v0.6.0
...
full diff: https://github.com/golang/sync/compare/v0.3.0...v0.6.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:52:47 +01:00
Sebastiaan van Stijn
4b10e55256
vendor: github.com/google/go-cmp v0.6.0
...
- removes purego fallbacks
full diff: https://github.com/google/go-cmp/compare/v0.5.9...v0.6.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:25:45 +01:00
Sebastiaan van Stijn
1ebc233b4b
vendor: github.com/creack/pty v1.1.21
...
full diff: https://github.com/creack/pty/compare/v1.18.0...v1.21.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:22:09 +01:00
Sebastiaan van Stijn
b4fe77a124
vendor: github.com/docker/go-connections v0.5.0
...
no diff, as the tag is the same commit as we used already;
https://github.com/docker/go-connections/compare/fa09c952e3ea...v0.5.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-05 18:25:04 +01:00
Sebastiaan van Stijn
b43ea528b8
vendor: github.com/docker/docker v25.0.0-rc.1
...
full diff: https://github.com/docker/docker/compare/v25.0.0-beta.3...v25.0.0-rc.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-05 13:23:48 +01:00
Sebastiaan van Stijn
c1016c05cf
vendor: github.com/mitchellh/mapstructure v1.5.0
...
note that this repository will be sunset, and the "endorsed" fork will be
maintened by "go-viper"; see [mapstructure#349][1]
[1]: https://github.com/mitchellh/mapstructure/issues/349
full diff: https://github.com/mitchellh/mapstructure/compare/v1.3.2...v1.5.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-27 17:42:31 +01:00
Sebastiaan van Stijn
eed2d9c765
Merge pull request #4742 from thaJeztah/bump_runewidth
...
vendor: github.com/mattn/go-runewidth v0.0.15
2023-12-27 17:05:40 +01:00
Sebastiaan van Stijn
58524685da
vendor: github.com/mattn/go-runewidth v0.0.15
...
no code-changes, but project updated CI to test against current
Go versions;
https://github.com/mattn/go-runewidth/compare/v0.0.14...v0.0.15
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-27 10:40:19 +01:00
Sebastiaan van Stijn
1e38fc3b9d
vendor: github.com/klauspost/compress v1.17.4
...
full diff: https://github.com/klauspost/compress/compare/v1.17.2...v1.17.4
v1.17.4:
- huff0: Speed up symbol counting
- huff0: Remove byteReader
- gzhttp: Allow overriding decompression on transport
- gzhttp: Clamp compression level
- gzip: Error out if reserved bits are set
v1.17.3:
- fse: Fix max header size
- zstd: Improve better/best compression
- gzhttp: Fix missing content type on Close
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-27 10:34:40 +01:00
Sebastiaan van Stijn
0fa3a365f7
vendor: github.com/docker/docker v25.0.0-beta.3
...
no diff, just the tag (which is the same as the previous commit);
https://github.com/moby/moby/compare/7bc56c53657d...v25.0.0-beta.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-21 16:41:36 +01:00
Albin Kerouanton
336787c50a
vendor: github.com/docker/docker 7bc56c53657d (v25.0.0-dev)
...
full diff: 388216fc45...7bc56c5365
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-12-20 22:51:51 +01:00
Sebastiaan van Stijn
4d434dc691
vendor: github.com/docker/docker 388216fc45ab (v25.0.0-dev)
...
full diff: f3cc93630e...388216fc45
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-19 20:11:21 +01:00
Sebastiaan van Stijn
0de84f0190
vendor: golang.org/x/crypto v0.17.0
...
no changes in vendored files
full diff: https://github.com/golang/crypto/compare/v0.16.0...v0.17.0
from the security mailing:
> Hello gophers,
>
> Version v0.17.0 of golang.org/x/crypto fixes a protocol weakness in the
> golang.org/x/crypto/ssh package that allowed a MITM attacker to compromise
> the integrity of the secure channel before it was established, allowing
> them to prevent transmission of a number of messages immediately after
> the secure channel was established without either side being aware.
>
> The impact of this attack is relatively limited, as it does not compromise
> confidentiality of the channel. Notably this attack would allow an attacker
> to prevent the transmission of the SSH2_MSG_EXT_INFO message, disabling a
> handful of newer security features.
>
> This protocol weakness was also fixed in OpenSSH 9.6.
>
> Thanks to Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk from Ruhr
> University Bochum for reporting this issue.
>
> This is CVE-2023-48795 and Go issue https://go.dev/issue/64784 .
>
> Cheers,
> Roland on behalf of the Go team
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-19 00:35:09 +01:00
Sebastiaan van Stijn
3cf0bf84a5
vendor: golang.org/x/crypto v0.16.0
...
full diff: https://github.com/golang/crypto/compare/v0.14.0...v0.16.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-18 13:47:30 +01:00
Sebastiaan van Stijn
36d4db27d5
vendor: golang.org/x/text v0.14.0
...
full diff: https://github.com/golang/text/compare/v0.13.0...v0.14.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-18 13:46:41 +01:00
Sebastiaan van Stijn
3d70100d5d
vendor: golang.org/x/sys v0.15.0
...
full diff: https://github.com/golang/sys/compare/v0.13.0...v0.15.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-18 13:45:50 +01:00
Sebastiaan van Stijn
f63065a58b
vendor: github.com/docker/docker f3cc93630ed8 (v25.0.0-dev)
...
full diff: https://github.com/docker/docker/compare/v25.0.0-beta.2...f3cc93630ed8138a6775cbf150c6bfb341cb337b
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-13 12:48:42 +01:00
Sebastiaan van Stijn
fa1914426d
vendor: github.com/docker/docker v25.0.0-beta.2
...
No changes, as it's the same commit: https://github.com/docker/docker/compare/92884c25b394...v25.0.0-beta.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-13 12:48:42 +01:00
Sebastiaan van Stijn
aec7ec7f61
vendor: github.com/docker/docker 92884c25b394 (v25.0.0-dev)
...
full diff: 4046ae5e2f...92884c25b3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:57:38 +01:00
Sebastiaan van Stijn
0a3a16d2b4
vendor: github.com/containerd/containerd v1.7.11
...
full diff: https://github.com/containerd/containerd/compare/v1.7.8...v1.7.11
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:39:14 +01:00
Sebastiaan van Stijn
54c103aff4
vendor: upgrade OpenTelemetry to v1.19.0 / v0.45.0
...
Upgrade to the latest OpenTelemetry libraries; this will unblock a lot of
downstream projects in the ecosystem to upgrade, as some of the parts here
were pre-1.0/unstable.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:39:08 +01:00
Sebastiaan van Stijn
d49970590c
vendor: github.com/felixge/httpsnoop v1.0.4
...
full diff: https://github.com/felixge/httpsnoop/compare/v1.0.3...v1.0.4
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-12 16:22:47 +01:00
Sebastiaan van Stijn
0cf7bff0be
vendor: github.com/docker/docker 4046ae5e2fd4 (v25.0.0-dev)
...
full diff: 029519a149...4046ae5e2f
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-06 02:06:38 +01:00
Sebastiaan van Stijn
ecf9bd3870
Merge pull request #4686 from thaJeztah/update_engine2
...
vendor: github.com/docker/docker 029519a1498b (v25.0.0-dev)
2023-12-01 16:45:05 +01:00
Sebastiaan van Stijn
5a04708880
vendor: github.com/docker/docker 029519a1498b (v25.0.0-dev)
...
full diff: cfdca8dc1d...029519a149
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-01 16:32:47 +01:00
Sebastiaan van Stijn
aa9fdb4dd0
vendor: github.com/gorilla/mux v1.8.1
...
full diff: https://github.com/gorilla/mux/compare/v1.8.0...v1.8.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-01 16:12:20 +01:00
Sebastiaan van Stijn
539537ddf5
vendor: github.com/docker/docker cfdca8dc1d4c (v25.0.0-dev)
...
also added nolint:staticcheck to spec.Networks refs
full diff: https://github.com/docker/docker/compare/v25.0.0-beta.1...cfdca8dc1d4c84ee235f395a011ca62315c957a7
Co-authored-by: Albin Kerouanton <albinker@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-24 09:50:12 +01:00
Sebastiaan van Stijn
1401f91085
Merge pull request #4666 from thaJeztah/bump_hcsshim
...
vendor: github.com/Microsoft/hcsshim v0.11.4
2023-11-21 11:20:16 +01:00
Sebastiaan van Stijn
dad4a19624
vendor: github.com/docker/docker v25.0.0-beta.1
...
no changes in vendored files
full diff: https://github.com/docker/docker/compare/34e923e3e31b...v25.0.0-beta.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-20 22:53:51 +01:00
Sebastiaan van Stijn
f4962c65bc
vendor: github.com/Microsoft/hcsshim v0.11.4
...
no changes in vendored files
full diff: https://github.com/microsoft/hcsshim/compare/v0.11.1...v0.11.4
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-20 18:15:18 +01:00
Sebastiaan van Stijn
685d1baa03
vendor: github.com/docker/docker 34e923e3e31b (v25.0-dev)
...
No code-changes in vendored files.
full diff: c14694a424...34e923e3e3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-13 14:42:08 +01:00
Sebastiaan van Stijn
f65d4a4796
vendor: github.com/docker/go-connections fa09c952e3ea (v0.5.0-dev)
...
0b8c1f4e07...fa09c952e3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-10 22:46:47 +01:00
Sebastiaan van Stijn
f9622b659f
vendor: update go-connections for TLS 1.3 support
...
full diff: https://github.com/docker/go-connections/compare/v0.4.0...0b8c1f4e07a0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-10 15:56:11 +01:00
Sebastiaan van Stijn
d46de7087c
vendor: github.com/docker/docker c14694a424ab (v25.0.0-dev)
...
full diff: ed1a61dcb7...c14694a424
Co-authored-by: Albin Kerouanton <albinker@gmail.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-07 23:41:34 +01:00
Sebastiaan van Stijn
0239b8fd95
vendor: github.com/spf13/cobra v1.8.0
...
release notes: https://github.com/spf13/cobra/releases/tag/v1.8.0
full diff: https://github.com/spf13/cobra/compare/v1.7.0...v1.8.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-06 16:54:43 +01:00
Evan Lezar
54eee599ba
Update container-device-interface to v0.6.2
...
This includes migrating from the github.com/container-orchestrated-devices
repo to tags.cncf.io.
Signed-off-by: Evan Lezar <elezar@nvidia.com>
2023-11-04 01:18:41 +01:00
Sebastiaan van Stijn
e088660985
vendor: github.com/docker/docker ed1a61dcb789 (v25.0.0-dev)
...
full diff: fc4d035e7a...ed1a61dcb7
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-03 15:14:07 +01:00
Sebastiaan van Stijn
13d34b21ec
vendor: github.com/containerd/containerd v1.7.8
...
no changes in vendored files
full diff: https://github.com/containerd/containerd/compare/v1.7.7...v1.7.8
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-01 16:07:54 +01:00
Sebastiaan van Stijn
aa24d611bd
vendor: google.golang.org/grpc v1.58.3
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-01 16:07:00 +01:00
Sebastiaan van Stijn
7841493823
vendor: golang.org/x/tools v0.10.0
...
full diff: https://github.com/golang/tools/compare/v0.8.0...v0.10.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-01 16:06:07 +01:00
Sebastiaan van Stijn
1a0ae8c6b8
vendor: golang.org/x/mod v0.11.0
...
no changes in vendored files
full diff: https://github.com/golang/mod/compare/v0.10.0...v0.11.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-11-01 16:01:56 +01:00
Sebastiaan van Stijn
663a89b7ad
vendor: github.com/docker/docker fc4d035e7a4e (v25.0.0-dev)
...
full diff: cdb3f9fb8d...fc4d035e7a
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-26 09:30:44 +02:00
Sebastiaan van Stijn
6891974ee9
vendor: github.com/opencontainers/image-spec v1.1.0-rc5
...
full diff: https://github.com/opencontainers/image-spec/compare/v1.1.0-rc4...v1.1.0-rc5
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-26 09:30:43 +02:00
Sebastiaan van Stijn
827c404ca0
vendor: github.com/moby/swarmkit/v2 v2.0.0-20230911190601-f082dd7a0cee
...
no changes in vendored files
full diff: 12f0c246fe...f082dd7a0c
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-26 09:30:43 +02:00
Sebastiaan van Stijn
137c495f7b
vendor: github.com/go-logr/logr v1.2.4
...
full diff: https://github.com/go-logr/logr/compare/v1.2.3...v1.2.4
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-26 09:30:40 +02:00
Brian Goff
dd11de7dbb
Merge pull request #4627 from thaJeztah/bump_compress
...
vendor: github.com/klauspost/compress v1.17.2
2023-10-25 17:41:02 -07:00
Sebastiaan van Stijn
6372c6aae6
vendor: github.com/klauspost/compress v1.17.2
...
fixes data corruption with zstd output in "best"
- 1.17.2 diff: https://github.com/klauspost/compress/compare/v1.17.1...v1.17.2
- full diff: https://github.com/klauspost/compress/compare/v1.16.5...v1.17.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-25 23:14:23 +02:00
Sebastiaan van Stijn
8073525c00
vendor: google.golang.org/grpc v1.56.3
...
server: prohibit more than MaxConcurrentStreams handlers from running at once
(CVE-2023-44487).
In addition to this change, applications should ensure they do not leave running
tasks behind related to the RPC before returning from method handlers, or should
enforce appropriate limits on any such work.
- https://github.com/grpc/grpc-go/compare/v1.56.2...v1.56.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-25 23:11:12 +02:00
Sebastiaan van Stijn
7a2ea5c536
vendor: gotest.tools/v3 v3.5.1
...
full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.5.0..v3.5.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-20 17:39:10 +02:00
Sebastiaan van Stijn
46d0ba20f1
vendor: github.com/docker/docker cdb3f9fb8dca (v25.0.0-dev)
...
full diff: d3afa80b96...cdb3f9fb8d
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 22:09:04 +02:00
Sebastiaan van Stijn
3441151e07
vendor: github.com/moby/swarmkit/v2 v2.0.0-20230823155524-12f0c246fed0
...
full diff: bc71908479...12f0c246fe
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 21:40:09 +02:00
Sebastiaan van Stijn
412ebb6771
vendor: github.com/containerd/containerd v1.7.7
...
full diff: https://github.com/containerd/containerd/compare/v1.6.24..v1.7.7
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 21:39:50 +02:00
Sebastiaan van Stijn
78eaac75cc
vendor: update OTEL dependencies
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 21:38:21 +02:00
Sebastiaan van Stijn
a27466fb6f
vendor: golang.org/x/net v0.17.0
...
full diff: https://github.com/golang/net/compare/v0.10.0...v0.17.0
This fixes the same CVE as go1.21.3 and go1.20.10;
- net/http: rapid stream resets can cause excessive work
A malicious HTTP/2 client which rapidly creates requests and
immediately resets them can cause excessive server resource consumption.
While the total number of requests is bounded to the
http2.Server.MaxConcurrentStreams setting, resetting an in-progress
request allows the attacker to create a new request while the existing
one is still executing.
HTTP/2 servers now bound the number of simultaneously executing
handler goroutines to the stream concurrency limit. New requests
arriving when at the limit (which can only happen after the client
has reset an existing, in-flight request) will be queued until a
handler exits. If the request queue grows too large, the server
will terminate the connection.
This issue is also fixed in golang.org/x/net/http2 v0.17.0,
for users manually configuring HTTP/2.
The default stream concurrency limit is 250 streams (requests)
per HTTP/2 connection. This value may be adjusted using the
golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
setting and the ConfigureServer function.
This is CVE-2023-39325 and Go issue https://go.dev/issue/63417 .
This is also tracked by CVE-2023-44487.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 20:56:02 +02:00
Sebastiaan van Stijn
612a171557
vendor: golang.org/x/crypto v0.14.0
...
full diff: https://github.com/golang/crypto/compare/v0.9.0...v0.14.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 20:55:22 +02:00
Sebastiaan van Stijn
392db31e2a
vendor: golang.org/x/term v0.13.0
...
- term: consistently return zeroes on GetSize error
full diff: https://github.com/golang/term/compare/v0.8.0...v0.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 20:53:19 +02:00
Sebastiaan van Stijn
ac307788a6
vendor: golang.org/x/text v0.13.0
...
full diff: https://github.com/golang/text/compare/v0.9.0...v0.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 20:50:23 +02:00
Sebastiaan van Stijn
48655f794c
vendor: golang.org/x/sys v0.13.0
...
full diff: https://github.com/golang/sys/compare/v0.10.0...v0.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 20:49:37 +02:00
Sebastiaan van Stijn
6de5254162
vendor: github.com/docker/distribution v2.8.3
...
- Fix storageDriver gcs not registered in binaries
- reference: replace uses of deprecated function SplitHostname
- Dont parse errors as JSON unless Content-Type is set to JSON
- update to go1.20.8
- Set Content-Type header in registry client ReadFrom
- deprecate reference package, migrate to github.com/distribution/reference
- digestset: deprecate package in favor of go-digest/digestset
- Do not close HTTP request body in HTTP handler
full diff: https://github.com/distribution/distribution/compare/v2.8.2...v2.8.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-13 17:54:59 +02:00
Sebastiaan van Stijn
4c75107a62
vendor: github.com/distribution/reference v0.5.0
...
full diff: https://github.com/distribution/reference/compare/e42074f83a9c...v0.5.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-28 00:18:52 +02:00
Sebastiaan van Stijn
febb37a38e
remove buildkit as dependency
...
This copies the github.com/moby/buildkit/util/appcontext
package as an internal package. The appcontext package from
BuildKit was the only remaining dependency on BuildKit, and
while we may need some of its functionality, the implementation
is not correct for how it's used in docker/cli (so would need
a rewrite).
Moving a copy of the code into the docker/cli (but as internal
package to prevent others from depending on it) is a first step
in that process, and removes the circular dependency between
BuildKit and the CLi.
We are only using these:
tree vendor/github.com/moby/buildkit
vendor/github.com/moby/buildkit
├── AUTHORS
├── LICENSE
└── util
└── appcontext
├── appcontext.go
├── appcontext_unix.go
├── appcontext_windows.go
└── register.go
3 directories, 6 files
Before this:
go mod graph | grep ' github.com/docker/cli'
github.com/moby/buildkit@v0.11.6 github.com/docker/cli@v23.0.0-rc.1+incompatible
After this:
go mod graph | grep ' github.com/docker/cli'
# (nothing)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-28 00:04:51 +02:00
Sebastiaan van Stijn
3e2187b4cb
vendor: github.com/docker/docker d3afa80b96bf (v25.0.0-dev)
...
full diff: 06499c52e2...d3afa80b96
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-21 15:30:51 +02:00
Sebastiaan van Stijn
f90890fb48
vendor: github.com/Microsoft/hcsshim v0.11.1
...
full diff: https://github.com/microsoft/hcsshim/compare/v0.9.10...v0.11.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-21 15:29:50 +02:00
Sebastiaan van Stijn
23f50a0665
vendor: github.com/containerd/containerd v1.6.24
...
unfortunately, brings back hcsshim as dependency
full diff: https://github.com/containerd/containerd/compare/v1.6.22...v1.6.24
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:42:32 +02:00
Sebastiaan van Stijn
497b13c661
vendor: github.com/klauspost/compress v1.16.5
...
full diff: https://github.com/klauspost/compress/compare/v1.16.3...v1.16.5
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:38:35 +02:00
Sebastiaan van Stijn
e0ad0127b1
vendor: google.golang.org/grpc v1.56.2
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:37:37 +02:00
Sebastiaan van Stijn
c2308ad6fb
vendor: google.golang.org/protobuf v1.31.0
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:36:23 +02:00
Sebastiaan van Stijn
56396ba357
vendor: golang.org/x/tools v0.8.0
...
full diff:
- https://github.com/golang/mod/compare/v0.9.0...v0.10.0
- https://github.com/golang/tools/compare/v0.7.0...v0.8.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:36:16 +02:00
Sebastiaan van Stijn
c9d56b8504
vendor: golang.org/x/crypto v0.9.0
...
full diff: https://github.com/golang/crypto/compare/v0.3.0...v0.9.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:36:07 +02:00
Sebastiaan van Stijn
ffea6940e7
vendor: golang.org/x/sys v0.10.0
...
full diff: https://github.com/golang/sys/compare/v0.8.0...v0.10.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:29:33 +02:00
Sebastiaan van Stijn
1554b49329
vendor: golang.org/x/sync v0.3.0
...
full diff: https://github.com/golang/sync/compare/v0.1.0...v0.3.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:28:31 +02:00
Sebastiaan van Stijn
78012b00a5
vendor: container-device-interface v0.6.1
...
no changes to vendored files
full diff: https://github.com/container-orchestrated-devices/container-device-interface/compare/v0.6.0...v0.6.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-19 16:24:08 +02:00