Sebastiaan van Stijn
17770189de
vendor: github.com/klauspost/compress v1.17.2
...
fixes data corruption with zstd output in "best"
- 1.17.2 diff: https://github.com/klauspost/compress/compare/v1.17.1...v1.17.2
- full diff: https://github.com/klauspost/compress/compare/v1.16.5...v1.17.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 6372c6aae6
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-25 23:17:39 +02:00
Sebastiaan van Stijn
cde0441dc8
vendor: github.com/klauspost/compress v1.16.5
...
full diff: https://github.com/klauspost/compress/compare/v1.16.3...v1.16.5
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 497b13c661
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-25 23:17:35 +02:00
Sebastiaan van Stijn
d43c48d5ab
vendor: golang.org/x/net v0.17.0
...
full diff: https://github.com/golang/net/compare/v0.10.0...v0.17.0
This fixes the same CVE as go1.21.3 and go1.20.10;
- net/http: rapid stream resets can cause excessive work
A malicious HTTP/2 client which rapidly creates requests and
immediately resets them can cause excessive server resource consumption.
While the total number of requests is bounded to the
http2.Server.MaxConcurrentStreams setting, resetting an in-progress
request allows the attacker to create a new request while the existing
one is still executing.
HTTP/2 servers now bound the number of simultaneously executing
handler goroutines to the stream concurrency limit. New requests
arriving when at the limit (which can only happen after the client
has reset an existing, in-flight request) will be queued until a
handler exits. If the request queue grows too large, the server
will terminate the connection.
This issue is also fixed in golang.org/x/net/http2 v0.17.0,
for users manually configuring HTTP/2.
The default stream concurrency limit is 250 streams (requests)
per HTTP/2 connection. This value may be adjusted using the
golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
setting and the ConfigureServer function.
This is CVE-2023-39325 and Go issue https://go.dev/issue/63417 .
This is also tracked by CVE-2023-44487.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit a27466fb6f
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:35:49 +02:00
Sebastiaan van Stijn
1919679638
vendor: golang.org/x/crypto v0.14.0
...
full diff: https://github.com/golang/crypto/compare/v0.9.0...v0.14.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 612a171557
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:34:31 +02:00
Sebastiaan van Stijn
6c5bc490d4
vendor: golang.org/x/term v0.13.0
...
- term: consistently return zeroes on GetSize error
full diff: https://github.com/golang/term/compare/v0.8.0...v0.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 392db31e2a
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:33:19 +02:00
Sebastiaan van Stijn
66558a4e64
vendor: golang.org/x/text v0.13.0
...
full diff: https://github.com/golang/text/compare/v0.9.0...v0.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit ac307788a6
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:32:30 +02:00
Sebastiaan van Stijn
0d554b549b
vendor: golang.org/x/sys v0.13.0
...
full diff: https://github.com/golang/sys/compare/v0.10.0...v0.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 48655f794c
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:31:38 +02:00
Sebastiaan van Stijn
8c4dc6c603
vendor: golang.org/x/crypto v0.9.0
...
full diff: https://github.com/golang/crypto/compare/v0.3.0...v0.9.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit c9d56b8504
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:29:57 +02:00
Sebastiaan van Stijn
aef1157742
vendor: golang.org/x/sys v0.10.0
...
full diff: https://github.com/golang/sys/compare/v0.8.0...v0.10.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit ffea6940e7
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:27:19 +02:00
Sebastiaan van Stijn
54894f0224
vendor: golang.org/x/sync v0.3.0
...
full diff: https://github.com/golang/sync/compare/v0.1.0...v0.3.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 1554b49329
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-10-19 12:27:00 +02:00
Sebastiaan van Stijn
bf632329d2
vendor: github.com/moby/patternmatcher v0.6.0
...
- integrate frontend/dockerfile/dockerignore from buildkit
full diff: https://github.com/moby/patternmatcher/compare/v0.5.0...v0.6.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 55ff9e6093
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 13:22:00 +02:00
Sebastiaan van Stijn
1481c8ce9a
vendor: gotest.tools/v3 v3.5.0
...
- go.mod: update dependencies and go version by
- Use Go1.20
- Fix couple of typos
- Added `WithStdout` and `WithStderr` helpers
- Moved `cmdOperators` handling from `RunCmd` to `StartCmd`
- Deprecate `assert.ErrorType`
- Remove outdated Dockerfile
- add godoc links
full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.4.0...v3.5.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 0b535c791a
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-29 21:34:33 +02:00
Sebastiaan van Stijn
e97c765575
vendor: github.com/docker/docker v24.0.5
...
no changes in vendored files
full diff: https://github.com/docker/docker/compare/d4a26c153000...v24.0.5
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-25 08:55:10 +02:00
Sebastiaan van Stijn
05bf7fbcc8
vendor: github.com/docker/docker v24.0.5-0.20230718221249-d4a26c153000
...
full diff: 8443a06149...d4a26c1530
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-19 00:17:46 +02:00
Sebastiaan van Stijn
8b5023dd2e
vendor: github.com/docker/docker v24.0.5-0.20230717072055-8443a06149b5
...
tip of the v24.0 branch
full diff: 36e9e796c6...8443a06149
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-17 09:30:01 +02:00
Sebastiaan van Stijn
7d06f6b2f7
vendor: github.com/docker/docker v24.0.5-0.20230714235725-36e9e796c6fc
...
full diff: https://github.com/docker/docker/compare/v24.0.4...36e9e796c6fc84202c32a852f6cdcd6ed175f96b
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-15 02:23:53 +02:00
Sebastiaan van Stijn
b407429628
vendor: github.com/docker/docker v24.0.4
...
full diff: https://github.com/docker/docker/compare/v24.0.2...v24.0.4
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-10 09:48:09 +02:00
Sebastiaan van Stijn
79c42c0b97
vendor: golang.org/x/net v0.10.0
...
full diff: https://github.com/golang/net/compare/v0.8.0...v0.10.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 18:07:19 +02:00
Sebastiaan van Stijn
a96d0a526c
vendor: golang.org/x/text v0.9.0
...
no changes in vendored files
full diff: https://github.com/golang/text/compare/v0.8.0...v0.9.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 18:06:32 +02:00
Sebastiaan van Stijn
5c5c50d717
vendor: golang.org/x/term v0.8.0
...
no changes in vendored files
full diff: https://github.com/golang/term/compare/v0.6.0...v0.8.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 18:05:12 +02:00
Sebastiaan van Stijn
4bf11b7562
vendor: golang.org/x/sys v0.8.0
...
full diff: https://github.com/golang/sys/compare/v0.6.0...v0.8.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 18:03:50 +02:00
Sebastiaan van Stijn
224c7dbec4
vendor: github.com/sirupsen/logrus v1.9.3
...
full diff: https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 18:00:12 +02:00
Sebastiaan van Stijn
e25d5c64c5
vendor: github.com/opencontainers/image-spec v1.1.0-rc3
...
full diff: https://github.com/opencontainers/image-spec/compare/3a7f492d3f1b...v1.1.0-rc3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 17:58:46 +02:00
Sebastiaan van Stijn
419e94df4a
vendor: github.com/moby/swarmkit/v2 v2.0.0-20230531205928-01bb7a41396b
...
no changes in vendored files
full diff: 75e92ce14f...01bb7a4139
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-07 17:56:34 +02:00
Sebastiaan van Stijn
32f66cbe51
vendor: github.com/docker/docker v24.0.2
...
no changes in vendored files
full diff: https://github.com/docker/docker/compare/v24.0.1...v24.0.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-31 22:48:27 +02:00
Sebastiaan van Stijn
dc4707edb0
[24.0] vendor: github.com/docker/docker v24.0.1
...
no changes in vendored files
full diff: https://github.com/docker/docker/compare/v24.0.0-rc.3...v24.0.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-25 22:11:54 +02:00
Sebastiaan van Stijn
fb6ae356c7
vendor: github.com/docker/docker v24.0.0-rc.3
...
no changes in vendored files
full diff: https://github.com/docker/docker/compare/v24.0.0-rc.2...v24.0.0-rc.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-12 00:03:10 +02:00
Sebastiaan van Stijn
de93c9b260
vendor: github.com/docker/distribution v2.8.2
...
CI
- Dockerfile: fix filenames of artifacts
Bugfixes
- Fix panic in inmemory driver
- Add code to handle pagination of parts. Fixes max layer size of 10GB bug
- Parse http forbidden as denied
- Revert "registry/client: set Accept: identity header when getting layers
Runtime
- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([#3907 ](https://github.com/distribution/distribution/pull/3907 ))
Security
- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391 ) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253 ) runaway allocation on /v2/_catalog [`521ea3d9`](521ea3d973
)
full diff: https://github.com/docker/distribution/compare/v2.8.1...v2.8.2-beta.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 353e0a942d
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-11 19:16:03 +02:00
Sebastiaan van Stijn
58f37f630c
vendor: github.com/docker/docker v24.0.0-rc.2
...
no diff, because it's the same as the previous commit, but now tagged;
8d9a40a820
...v24.0.0-rc.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 1d8e2b6525
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 13:55:17 +02:00
Sebastiaan van Stijn
4f97f55999
vendor: github.com/docker/docker v24.0.0-rc.1.0.20230505222407-8d9a40a82034
...
This will be v24.0.0-rc.2
full diff: https://github.com/docker/docker/compare/v24.0.0-rc.1...8d9a40a820349860405e142249c55215aa4da8e3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 00:34:34 +02:00
Sebastiaan van Stijn
0428418d6b
vendor: github.com/containerd/containerd v1.6.21
...
no changes in vendored files
full diff: https://github.com/containerd/containerd/compare/v1.6.20...v1.6.21
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 00:30:50 +02:00
Sebastiaan van Stijn
05bf6fff2e
vendor: github.com/opencontainers/runc v1.1.7
...
full diff: https://github.com/opencontainers/runc/compare/v1.1.6...v1.1.7
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-06 00:27:51 +02:00
Sebastiaan van Stijn
44fce07069
vendor: github.com/mattn/go-runewidth v0.0.14
...
Contains various performance optimisations.
full diff: https://github.com/mattn/go-runewidth/compare/v0.0.13...v0.0.14
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-05 02:37:12 +02:00
Sebastiaan van Stijn
f233becf91
vendor: github.com/moby/term v0.5.0
...
- split exported functions from implementation
- windows: IsConsole(): fix deprecation comment
- deprecate Termios in favor of unix.Termios
- windows: keyToString(): fix string conversion
- gha: update actions, add macOS, and add Go1.20
- gha: add windows
full diff: https://github.com/moby/term/compare/c43b287e0e0f...v0.5.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-05-02 14:22:36 +02:00
Sebastiaan van Stijn
bd2c26328f
vendor: github.com/docker/docker v24.0.0-rc.1
...
full diff: https://github.com/docker/docker/compare/v24.0.0-beta.2...v24.0.0-rc.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-28 17:56:17 +02:00
Sebastiaan van Stijn
962e22c311
vendor: github.com/moby/swarmkit/v2 v2.0.0-20230406225228-75e92ce14ff7
...
full diff: e28e8ba9bc...75e92ce14f
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-27 02:22:45 +02:00
Sebastiaan van Stijn
72192c75c2
vendor: github.com/moby/buildkit v0.11.6
...
no changes in vendored files
full diff: https://github.com/moby/buildkit/compare/v0.11.5...v0.11.6
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-27 02:21:59 +02:00
Sebastiaan van Stijn
c177e2060d
vendor: github.com/creack/pty v1.1.18
...
full diff: https://github.com/creack/pty/compare/v1.1.11...v1.1.18
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-27 02:20:43 +02:00
Sebastiaan van Stijn
a4bcabc7d2
vendor: github.com/docker/docker v24.0.0-beta.2
...
full diff: https://github.com/docker/docker/compare/v24.0.0-beta.1...v24.0.0-beta.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-17 23:14:51 +02:00
Sebastiaan van Stijn
0286e36bbe
vendor: github.com/opencontainers/runc v1.1.6
...
full diff: https://github.com/opencontainers/runc/compare/v1.1.5...v1.1.6
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-17 23:13:21 +02:00
Sebastiaan van Stijn
1f1a6c5a82
vendor: golang.org/x/net v0.8.0
...
full diff: https://github.com/golang/net/compare/v0.7.0...v0.8.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-17 23:12:23 +02:00
Sebastiaan van Stijn
6e2163a712
vendor: golang.org/x/text v0.8.0
...
full diff: https://github.com/golang/text/compare/v0.7.0...v0.8.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-17 23:11:05 +02:00
Sebastiaan van Stijn
551d519b57
vendor: golang.org/x/term v0.6.0
...
full diff: https://github.com/golang/term/compare/v0.5.0...v0.6.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-17 23:10:07 +02:00
Sebastiaan van Stijn
c25b8f803e
vendor: github.com/spf13/cobra v1.7.0
...
release notes: https://github.com/spf13/cobra/releases/tag/v1.7.0
Features
- Allow to preserve ordering of completions in bash, zsh, pwsh, & fish
- Add support for PowerShell 7.2+ in completions
- Allow sourcing zsh completion script
Bug fixes
- Don't remove flag values that match sub-command name
- Fix powershell completions not returning single word
- Remove masked template import variable name
- Correctly detect completions with dash in argument
Testing & CI/CD
- Deprecate Go 1.15 in CI
- Deprecate Go 1.16 in CI
- Add testing for Go 1.20 in CI
- Add tests to illustrate unknown flag bug
Maintenance
- Update main image to better handle dark backgrounds
- Fix stale.yaml mispellings
- Remove stale bot from GitHub actions
- Add makefile target for installing dependencies
- Add Sia to projects using Cobra
- Add Vitess and Arewefastyet to projects using cobra
- Fixup for Kubescape github org
- Fix route for GitHub workflows badge
- Fixup for GoDoc style documentation
- Various bash scripting improvements for completion
- Add Constellation to projects using Cobra
Documentation
- Add documentation about disabling completion descriptions
- Improve MarkFlagsMutuallyExclusive example in user guide
- Update shell_completions.md
- Update copywrite year
- Document suggested layout of subcommands
- Replace deprecated ExactValidArgs with MatchAll in doc
full diff: https://github.com/spf13/cobra/compare/v1.6.1...v1.7.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-09 23:10:56 +02:00
Sebastiaan van Stijn
966e191d30
Merge pull request #4151 from crazy-max/improve-plugins-list
...
improve plugins listing performance
2023-04-03 14:35:15 +02:00
Kevin Alvarez
89583b92b7
improve plugins listing performance
...
We can slightly improve plugins listing by spawning a
goroutine for each iteration.
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-04-01 16:02:34 +02:00
Sebastiaan van Stijn
fc560038ea
vendor: github.com/docker/docker v24.0.0-beta.1
...
full diff: https://github.com/docker/docker/compare/7c93e4a09be1...v24.0.0-beta.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-04-01 01:44:04 +02:00
Sebastiaan van Stijn
33961a79f1
Merge pull request #4142 from thaJeztah/update_engine2
...
vendor: docker/docker master (v24.0.0-dev), containerd v1.6.20
2023-03-31 22:49:28 +02:00
CrazyMax
e14f5fc1a7
revert "improve plugins discovery performance"
...
This reverts commit 62f2358b99
.
Spawning a goroutine for each iteration in the loop when listing
plugins is racy unfortunately. `plugins` slice is protected with
a mutex so not sure why it fails.
I tried using a channel to collect the plugins instead of a slice
to guarantee that they will be appended to the list in the order
they are processed but no dice.
I also tried without errgroup package and simply use sync.WaitGroup
but same. I have also created an extra channel to receive errors
from the goroutines but racy too.
I think the change in this function is not related to the race
condition but newPlugin is. So revert in the meantime :(
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com>
2023-03-31 16:20:42 +02:00
Sebastiaan van Stijn
05cffcbedf
vendor: github.com/docker/docker 7c93e4a09be1 (v24.0.0-dev)
...
full diff: 54130b542d...7c93e4a09b
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-31 01:00:05 +02:00