Commit Graph

8860 Commits

Author SHA1 Message Date
Tianon Gravi 35453d6c4f
Update minimum Go version to 1.19
On Go 1.18 since a5ebe2282a, we get:

    # github.com/docker/docker-credential-helpers/client
    vendor/github.com/docker/docker-credential-helpers/client/command.go:34:39: programCmd.Environ undefined (type *exec.Cmd has no field or method Environ)
    note: module requires Go 1.19
    # github.com/docker/cli/cli/connhelper/commandconn
    cli/connhelper/commandconn/commandconn.go:71:22: undefined: atomic.Bool
    cli/connhelper/commandconn/commandconn.go:76:22: undefined: atomic.Bool
    cli/connhelper/commandconn/commandconn.go:77:22: undefined: atomic.Bool
    cli/connhelper/commandconn/commandconn.go:78:22: undefined: atomic.Bool

These go away when building against 1.19+.

Signed-off-by: Tianon Gravi <admwiggin@gmail.com>
(cherry picked from commit 0f59f04f57)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-29 10:00:53 +02:00
Sebastiaan van Stijn 1ebaef3663
Dockerfile: use GOTOOLCHAIN=local
This may find its way into the official images, but until it does, let's
make sure we don't get unexpected updates of go.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e9759cee69)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-28 14:30:13 +02:00
Sebastiaan van Stijn 8a7833ab62
Dockerfile: build gotestsum and goversioninfo without cgo
It's not needed to build these binaries. The Dockerfile.dev image already
has CGO_ENABLED=0 as default in the golang image, so does not need updates.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit f07e7e1eed)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-28 14:29:40 +02:00
Sebastiaan van Stijn 2e86812d7a
e2e: update to use compose v2, and don't depend on distro-packages
We were depending on alpine's package repository to install compose,
but for debian we used compose's GitHub releases. Depending on distro
packages means that we don't know when updates will happen, and versions
may diverge because of that; for example, alpine 3.18 updated to compose
v2;

On alpine 3.17:

    make -f docker.Makefile build-e2e-image
    docker run --rm docker-cli-e2e docker-compose --version
    docker-compose version 1.29.2, build unknown

On alpine 3.18:

    make -f docker.Makefile build-e2e-image
    docker run --rm docker-cli-e2e docker-compose --version
    Docker Compose version v2.17.3

This caused our e2e script to fail, as it made assumptions about the name
format created by compose, which changed from underscores to hyphens in v2;

    Container cliendtoendsuite-engine-1  Running
    Error: No such object: cliendtoendsuite_engine_1

This patch:

- updates the Dockerfile to install compose from the compose-bin image
- adjusts the e2e script for the new naming scheme format
- removes the version field from the compose-files used in e2e, as they
  are no longer used by compose.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 9e424af5da)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-28 14:29:27 +02:00
Sebastiaan van Stijn e7ca37861b
Dockerfile: use COPY --link where possible
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit af05a68828)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-28 14:28:47 +02:00
Bjorn Neergaard 1f8118b1cc
Merge pull request #4565 from thaJeztah/24.0_backport_docker_tag_dupwords
[24.0 backport] docs: fix duplicate words in "docker tag" reference
2023-09-15 08:17:43 -06:00
Sebastiaan van Stijn f2a3d50b30
docs: fix duplicate words in "docker tag" reference
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3a16c3bb09)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-14 13:45:34 +02:00
Bjorn Neergaard edae25f8af
Merge pull request #4561 from thaJeztah/24.0_backport_update_golang_1.20.8
[24.0 backport] update to go1.20.8
2023-09-13 10:05:54 -06:00
Bjorn Neergaard d848d49be9
Merge pull request #4543 from thaJeztah/24.0_backport_bump_golangci_lint
[24.0 backport] update golangci-lint to v1.54.2
2023-09-13 10:05:27 -06:00
Sebastiaan van Stijn 4feeefbd68
update to go1.20.8
go1.20.8 (released 2023-09-06) includes two security fixes to the html/template
package, as well as bug fixes to the compiler, the go command, the runtime,
and the crypto/tls, go/types, net/http, and path/filepath packages. See the
Go 1.20.8 milestone on our issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.20.8+label%3ACherryPickApproved

full diff: https://github.com/golang/go/compare/go1.20.7...go1.20.8

From the security mailing:

[security] Go 1.21.1 and Go 1.20.8 are released

Hello gophers,

We have just released Go versions 1.21.1 and 1.20.8, minor point releases.

These minor releases include 4 security fixes following the security policy:

- cmd/go: go.mod toolchain directive allows arbitrary execution
  The go.mod toolchain directive, introduced in Go 1.21, could be leveraged to
  execute scripts and binaries relative to the root of the module when the "go"
  command was executed within the module. This applies to modules downloaded using
  the "go" command from the module proxy, as well as modules downloaded directly
  using VCS software.

  Thanks to Juho Nurminen of Mattermost for reporting this issue.

  This is CVE-2023-39320 and Go issue https://go.dev/issue/62198.

- html/template: improper handling of HTML-like comments within script contexts
  The html/template package did not properly handle HMTL-like "<!--" and "-->"
  comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This may
  cause the template parser to improperly interpret the contents of <script>
  contexts, causing actions to be improperly escaped. This could be leveraged to
  perform an XSS attack.

  Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for reporting this
  issue.

  This is CVE-2023-39318 and Go issue https://go.dev/issue/62196.

- html/template: improper handling of special tags within script contexts
  The html/template package did not apply the proper rules for handling occurrences
  of "<script", "<!--", and "</script" within JS literals in <script> contexts.
  This may cause the template parser to improperly consider script contexts to be
  terminated early, causing actions to be improperly escaped. This could be
  leveraged to perform an XSS attack.

  Thanks to Takeshi Kaneko (GMO Cybersecurity by Ierae, Inc.) for reporting this
  issue.

  This is CVE-2023-39319 and Go issue https://go.dev/issue/62197.

- crypto/tls: panic when processing post-handshake message on QUIC connections
  Processing an incomplete post-handshake message for a QUIC connection caused a panic.

  Thanks to Marten Seemann for reporting this issue.

  This is CVE-2023-39321 and CVE-2023-39322 and Go issue https://go.dev/issue/62266.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 4b00be585c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-09-13 17:49:18 +02:00
Bjorn Neergaard ed223bc820
Merge pull request #4544 from thaJeztah/24.0_backport_fix_events_json_format
[24.0 backport] cli/command/system: fix "docker events" not supporting --format=json
2023-08-31 11:24:32 -06:00
Sebastiaan van Stijn fab55e13ce
cli/command/system: fix "docker events" not supporting --format=json
Before this patch:

    docker events --format=json
    json
    json
    json
    ^C

With this patch:

    docker events --format=json
    {"status":"create","id":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","from":"hello-world","Type":"container","Action":"create","Actor":{"ID":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","Attributes":{"image":"hello-world","name":"dreamy_goldstine"}},"scope":"local","time":1693168508,"timeNano":1693168508190136885}
    {"status":"attach","id":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","from":"hello-world","Type":"container","Action":"attach","Actor":{"ID":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","Attributes":{"image":"hello-world","name":"dreamy_goldstine"}},"scope":"local","time":1693168508,"timeNano":1693168508192851593}
    {"Type":"network","Action":"connect","Actor":{"ID":"c54920dd5074a73e28bea62007e0334d81cc040a90372be311cf16806403d350","Attributes":{"container":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","name":"bridge","type":"bridge"}},"scope":"local","time":1693168508,"timeNano":1693168508212398802}
    {"status":"start","id":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","from":"hello-world","Type":"container","Action":"start","Actor":{"ID":"4ac3bba8abd68961e627540fed81ad16d55b88e45629d7cdb792126d09b6488d","Attributes":{"image":"hello-world","name":"dreamy_goldstine"}},"scope":"local","time":1693168508,"timeNano":1693168508312969843}
    ^C

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 6dfdd1eae9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 17:36:44 +02:00
Sebastiaan van Stijn 989b340a6c
update golangci-lint to v1.54.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit db6209abdd)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 14:22:46 +02:00
Sebastiaan van Stijn 2fcff17544
Merge pull request #4537 from thaJeztah/24.0_backort_docs_fixes
[24.0 backport] docs/reference: run.md: remove stray whitespace and update cli-docs-tool to v0.6.0
2023-08-29 11:44:13 +02:00
Sebastiaan van Stijn b74d8e1a53
Merge pull request #4538 from thaJeztah/24.0_backport_history_test
[24.0 backport] un-skip history test and fix golden mismatches
2023-08-29 11:43:55 +02:00
Sebastiaan van Stijn 3789f8a39e
Merge pull request #4542 from thaJeztah/24.0_backport_manifest_deref
[24.0 backport] cli/registry: fix client.pullManifestList not de-referencing manifest, and remove "v1" check
2023-08-29 11:43:38 +02:00
Sebastiaan van Stijn d3485b9e9f
cli/registry: client.iterateEndpoints: remove check for APIVersion1
registryService.LookupPullEndpoints uses lookupV2Endpoints
https://github.com/moby/moby/blob/v24.0.5/registry/service.go#L137-L142

which, as the name indicates, only returns V2 endpoints;
https://github.com/moby/moby/blob/v24.0.5/registry/service_v2.go#L10-L80

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 22b4bab90f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 09:45:37 +02:00
Sebastiaan van Stijn 613380299f
cli/registry: fix client.pullManifestList not de-referencing manifest
Kudos to gosec;

    cli/registry/client/fetcher.go:205:57: G601: Implicit memory aliasing in for loop. (gosec)
            imageManifest.Descriptor.Platform = types.OCIPlatform(&manifestDescriptor.Platform)
                                                                  ^

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5250f1bab5)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-29 09:45:37 +02:00
Sebastiaan van Stijn b83959e001
force TestNewHistoryCommandSuccess to use UTC timezone
This test was skipped if the host was not using UTC timezone, because the output
of timestamps would be different, causing the test to fail.

This patch overrides the TZ env-var to make the test use UTC, so that we don't
have to skip the test.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 42ac5d4bf9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 23:00:49 +02:00
Jason Hall 28a08a22b9
un-skip history test and fix golden mismatches
Signed-off-by: Jason Hall <jason@chainguard.dev>
(cherry picked from commit f5e224e940)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 23:00:37 +02:00
Sebastiaan van Stijn 8e0393932b
update cli-docs-tool to v0.6.0
release notes: https://github.com/docker/cli-docs-tool/releases/tag/v0.6.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 17f4c8259b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 22:58:11 +02:00
Sebastiaan van Stijn efd052eb85
docs/reference: run.md: remove stray whitespace
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 3d2aac6a0d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-28 22:43:15 +02:00
Sebastiaan van Stijn cdd81d6559
Merge pull request #4528 from thaJeztah/24.0_backport_docs
[24.0 backport] assorted (docs) backports
2023-08-25 17:23:07 +02:00
Vaclav Struhar d9770a962e
adding -c option for docker run/build in manpages
Signed-off-by: Vaclav Struhar <struharv@gmail.com>
(cherry picked from commit be219b3172)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:10:12 +02:00
Sebastiaan van Stijn 6efe73abe0
cli/command/manifest: update link to Go documentation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 273f2cd95e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:04:36 +02:00
Sebastiaan van Stijn d977531018
man: update links to Go documentation
Go documentation moved to the `go.dev` domain;

    curl -sI https://golang.org/doc/install/source#environment | grep 'location'
    location: https://go.dev/doc/install/source

Also updated some links to use https, where available.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 722e3aae4f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:04:36 +02:00
Sebastiaan van Stijn e9f843bf04
docs/reference: update links to Go documentation
Go documentation moved to the `go.dev` domain;

    curl -sI https://golang.org/doc/install/source#environment | grep 'location'
    location: https://go.dev/doc/install/source

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit dc4feccb89)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:04:36 +02:00
Sebastiaan van Stijn cfbaee4689
CONTRIBUTING.md: update links
- docs moved to https://go.dev/doc/
- blog moved to https://go.dev/blog/
- update DCO link to use https

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 1d3af726eb)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:04:36 +02:00
Sebastiaan van Stijn daeee46977
update flag-description for --cgroup-parent
This attempts to make it clearer that the --cgroup-parent option is only used
for the containers used during build. Instead of mentioning "build container",
I opted for using "RUN instructions" (to match the --network description),
although this may not be ideal (as it assumes the "Dockerfile" front-end, which
of course may not be the case).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e050312e6d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:03:46 +02:00
Ed Morley 08ad72160f
Update docs/command output for volume pruning
In previous versions of the Docker API, `system prune --volumes` and `volume prune`
would remove all dangling volumes. With API v1.42, this was changed so that only
anonymous volumes would be removed unless the all filter was specified.

Some of the docs were updated in #4218, however, there were a couple of places
left that didn't make the anonymous vs named volumes distinction clear.

This replaces #4079, which was bitrotted by #4218. See also #4028.

Closes #4079.

Signed-off-by: Ed Morley <501702+edmorley@users.noreply.github.com>
(cherry picked from commit 6e2e92d774)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:03:13 +02:00
Sebastiaan van Stijn 3c4fe7b3e6
docs: add missing docs for "DOCKER_TLS" env-var
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b52fd79f1d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-25 17:02:22 +02:00
Sebastiaan van Stijn 98ffe42d84
Merge pull request #4517 from thaJeztah/24.0_backport_docker-cli-slows-bash-init
[24.0 backport] Stop slowing bash init by caching plugins path slowly
2023-08-23 14:04:35 +02:00
Sebastiaan van Stijn 0d5df48121
Merge pull request #4520 from thaJeztah/24.0_backport_patternmatcher_dockerignore
[24.0 backport] replace dockerfile/dockerignore with patternmatcher/ignorefile
2023-08-23 14:04:04 +02:00
Sebastiaan van Stijn bf081eec36
Merge pull request #4512 from thaJeztah/24.0_backport_manifest_token_actions
[24.0 backport] cli/registry/client: set actions when authn with token
2023-08-23 14:03:17 +02:00
Oded Arbel dc45bcc993
Stop slowing bash init by caching plugins path slowly
Fixes issue #3889 by only loading docker plugins path when needed: if it is fast enough than it shouldn't be a problem to do this on demand; OTOH if it is slow then we shouldn't do this during *every* bash session initialization, regardless if docker completion will be needed or not.

Signed-off-by: Oded Arbel <oded@geek.co.il>
(cherry picked from commit 1da67be9ca)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 13:31:46 +02:00
Sebastiaan van Stijn 710dd00e95
replace dockerfile/dockerignore with patternmatcher/ignorefile
The BuildKit dockerignore package was migrated to the patternmatcher
repository / module. This patch updates our uses of the BuildKit package
with its new location.

A small local change was made to keep the format of the existing error message,
because the "ignorefile" package is slightly more agnostic in that respect
and doesn't include ".dockerignore" in the error message.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 5bff12354d)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 13:22:56 +02:00
Sebastiaan van Stijn bf632329d2
vendor: github.com/moby/patternmatcher v0.6.0
- integrate frontend/dockerfile/dockerignore from buildkit

full diff: https://github.com/moby/patternmatcher/compare/v0.5.0...v0.6.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 55ff9e6093)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-23 13:22:00 +02:00
Sebastiaan van Stijn 724548bc7d
Merge pull request #4508 from thaJeztah/24.0_backport_lazy_ping
[24.0 backport] cmd/docker: areFlagsSupported: don't Ping if not needed
2023-08-23 11:47:27 +02:00
Sebastiaan van Stijn 3c6c0bce1c
cli/registry/client: set actions when authn with token
When using a personal access token, Docker Hub produces an error if actions
are requested beyond the token's allowed actions. This resulted in errors
when using a PAT with limited permissions to do a "docker manifest inspect".

This patch sets actions to "pull" only by default, and requests "push" action
for requests that need it.

To verify:

- create a PAT with limited access (read-only)
- log in with your username and the PAT as password

Before this patch:

    docker manifest inspect ubuntu:latest
    Get "https://registry-1.docker.io/v2/library/ubuntu/manifests/latest": unauthorized: access token has insufficient scopes

With this patch applied:

    docker manifest inspect ubuntu:latest
    {
       "schemaVersion": 2,
       "mediaType": "application/vnd.oci.image.index.v1+json",
       "manifests": [
          {
             "mediaType": "application/vnd.oci.image.manifest.v1+json",
             "size": 424,
             "digest": "sha256:56887c5194fddd8db7e36ced1c16b3569d89f74c801dc8a5adbf48236fb34564",
             "platform": {
                "architecture": "amd64",
                "os": "linux"
             }
          },
          {
             "mediaType": "application/vnd.oci.image.manifest.v1+json",
             "size": 424,
             "digest": "sha256:c835a4f2a632bc91a2b494e871549f0dd83f2966c780e66435774e77e048ddf0",
             "platform": {
                "architecture": "arm",
                "os": "linux",
                "variant": "v7"
             }
          }
       ]
    }

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit d2047b954e)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-22 21:55:01 +02:00
Sebastiaan van Stijn 65655cc262
cmd/docker: areFlagsSupported: don't Ping if not needed
This is a similar fix as 006c946389, which
fixed this for detection of commands that were executed. Make sure we don't
call the "/_ping" endpoint if we don't need to.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit bb57783ab8)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-22 10:46:50 +02:00
Sebastiaan van Stijn 580730fce9
Merge pull request #4500 from neersighted/backport_4478
[24.0 backport] login: Add message about using PATs
2023-08-17 20:37:25 +02:00
Djordje Lukic 11606268f8
login: Add message about using PATs
Signed-off-by: Djordje Lukic <djordje.lukic@docker.com>
(cherry picked from commit 8d51f36ca3)
Signed-off-by: Bjorn Neergaard <bjorn.neergaard@docker.com>
2023-08-17 06:56:09 -06:00
Sebastiaan van Stijn 27a19966fb
Merge pull request #4491 from dvdksn/24.0_backport_docs/host-gateway
[24.0 Backport] docs: document special host-gateway value for add-host
2023-08-09 13:28:05 +02:00
David Karlsson a8987063b3 docs: document special host-gateway value for add-host
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
(cherry picked from commit 299925f4c3)
Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com>
2023-08-09 09:19:14 +02:00
Sebastiaan van Stijn b74562d917
Merge pull request #4476 from thaJeztah/24.0_backport_update_go1.20.7
[24.0 backport] update to go1.20.7
2023-08-02 11:51:04 +02:00
Sebastiaan van Stijn c0e376854b
update to go1.20.7
Includes a fix for CVE-2023-29409

go1.20.7 (released 2023-08-01) includes a security fix to the crypto/tls
package, as well as bug fixes to the assembler and the compiler. See the
Go 1.20.7 milestone on our issue tracker for details:

- https://github.com/golang/go/issues?q=milestone%3AGo1.20.7+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.20.6...go1.20.7

From the mailing list announcement:

[security] Go 1.20.7 and Go 1.19.12 are released

Hello gophers,

We have just released Go versions 1.20.7 and 1.19.12, minor point releases.

These minor releases include 1 security fixes following the security policy:

- crypto/tls: restrict RSA keys in certificates to <= 8192 bits

  Extremely large RSA keys in certificate chains can cause a client/server
  to expend significant CPU time verifying signatures. Limit this by
  restricting the size of RSA keys transmitted during handshakes to <=
  8192 bits.

  Based on a survey of publicly trusted RSA keys, there are currently only
  three certificates in circulation with keys larger than this, and all
  three appear to be test certificates that are not actively deployed. It
  is possible there are larger keys in use in private PKIs, but we target
  the web PKI, so causing breakage here in the interests of increasing the
  default safety of users of crypto/tls seems reasonable.

  Thanks to Mateusz Poliwczak for reporting this issue.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.20.7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 6517db9398)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-08-01 23:53:48 +02:00
Sebastiaan van Stijn 3bc4543f83
Merge pull request #4471 from thaJeztah/24.0_backport_bump_gotest_tools
[24.0 backport] vendor: gotest.tools/v3 v3.5.0
2023-08-01 16:27:40 +02:00
Sebastiaan van Stijn 1481c8ce9a
vendor: gotest.tools/v3 v3.5.0
- go.mod: update dependencies and go version by
- Use Go1.20
- Fix couple of typos
- Added `WithStdout` and `WithStderr` helpers
- Moved `cmdOperators` handling from `RunCmd` to `StartCmd`
- Deprecate `assert.ErrorType`
- Remove outdated Dockerfile
- add godoc links

full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.4.0...v3.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 0b535c791a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-29 21:34:33 +02:00
Sebastiaan van Stijn b17b6b562d
Merge pull request #4460 from thaJeztah/24.0_update_engine
[24.0] vendor: github.com/docker/docker v24.0.5
2023-07-25 15:03:00 +02:00
Sebastiaan van Stijn e97c765575
vendor: github.com/docker/docker v24.0.5
no changes in vendored files

full diff: https://github.com/docker/docker/compare/d4a26c153000...v24.0.5

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-07-25 08:55:10 +02:00