no significant changes in vendored code, other than updating build-tags
for go1.17, but removes some dependencies from the module, which can
help with future updates;
full diff: 3f7ff695ad...abb19827d3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This restores compatibility with go1.18, which was broken since commit;
c062238ea4
cmd.Environ() is new in go1.19, and not needed for this specific case.
Without this, trying to use this package in code that uses go1.18 will fail;
builder/remotecontext/git/gitutils.go:216:23: cmd.Environ undefined (type *exec.Cmd has no field or method Environ)
Changing to use `os.Environ()` instead restores compatibility with go1.18
Full diff: f9cb47a052...5aac513617
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Migrating these functions to allow them being shared between moby, docker/cli,
and containerd, and to allow using them without importing all of sys / system,
which (in containerd) also depends on hcsshim and more.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- moby: a60b458179...d2590dc3cd
- swarmkit: 6068d1894d...48dd89375d
The .Parent field for buildcache entries was deprecated, and replaced with a
.Parents (plural) field. This patch updates the code accordingly. Unlike the
change in buildx
9c3be32bc9
we continue to fall back to the old field (which will be set on older API
versions).
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
no changes in vendored code other than a typo-fix, just aligning with latest master
8abb84c734...cb01202de8
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Notable changes:
- introduce CreateMountpoint for parity between binds and mounts
full diff: c9d04033d4...d633169483
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: 616e8db4c3...6068d1894d
a replace rule was needed (similar as in github.com/docker/docker) to fix some
dependency issues;
github.com/docker/cli/cli/trust imports
github.com/theupdateframework/notary/trustpinning tested by
github.com/theupdateframework/notary/trustpinning.test imports
github.com/cloudflare/cfssl/helpers imports
github.com/google/certificate-transparency-go imports
go.etcd.io/etcd/v3 imports
go.etcd.io/etcd/tests/v3/integration imports
go.etcd.io/etcd/server/v3/embed imports
go.opentelemetry.io/otel/semconv: module go.opentelemetry.io/otel@latest found (v1.7.0), but does not contain package go.opentelemetry.io/otel/semconv
github.com/docker/cli/cli/trust imports
github.com/theupdateframework/notary/trustpinning tested by
github.com/theupdateframework/notary/trustpinning.test imports
github.com/cloudflare/cfssl/helpers imports
github.com/google/certificate-transparency-go imports
go.etcd.io/etcd/v3 imports
go.etcd.io/etcd/tests/v3/integration imports
go.etcd.io/etcd/server/v3/embed imports
go.opentelemetry.io/otel/exporters/otlp imports
go.opentelemetry.io/otel/sdk/metric/controller/basic imports
go.opentelemetry.io/otel/metric/registry: module go.opentelemetry.io/otel/metric@latest found (v0.30.0), but does not contain package go.opentelemetry.io/otel/metric/registry
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- updated the default value for `--limit` on `docker search` as the const has been
removed (added a todo to remove it)
- updated some fixtures to account for `KernelMemoryTCP` no longer being included
in the output.
full diff: 83b51522df...8941dcfcc5
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Some warnings about go1.16 compatibility, so including them here:
+ go mod tidy -modfile=vendor.mod
github.com/docker/cli/cli/registry/client imports
github.com/docker/distribution/registry/api/v2 imports
github.com/gorilla/mux loaded from github.com/gorilla/mux@v1.7.0,
but go 1.16 would select v1.8.0
github.com/docker/cli/cli/compose/loader imports
gopkg.in/yaml.v2 tested by
gopkg.in/yaml.v2.test imports
gopkg.in/check.v1 loaded from gopkg.in/check.v1@v1.0.0-20200227125254-8fa46927fb4f,
but go 1.16 would select v1.0.0-20201130134442-10cb98267c6c
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server imports
github.com/theupdateframework/notary/utils imports
github.com/Shopify/logrus-bugsnag loaded from github.com/Shopify/logrus-bugsnag@v0.0.0-20170309145241-6dbc35f2c30d,
but go 1.16 would select v0.0.0-20171204204709-577dee27f20d
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server/storage imports
gopkg.in/rethinkdb/rethinkdb-go.v6 imports
github.com/opentracing/opentracing-go loaded from github.com/opentracing/opentracing-go@v1.1.0,
but go 1.16 would select v1.2.0
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server/storage imports
gopkg.in/rethinkdb/rethinkdb-go.v6 imports
github.com/opentracing/opentracing-go/ext loaded from github.com/opentracing/opentracing-go@v1.1.0,
but go 1.16 would select v1.2.0
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server/storage imports
gopkg.in/rethinkdb/rethinkdb-go.v6 imports
github.com/opentracing/opentracing-go/log loaded from github.com/opentracing/opentracing-go@v1.1.0,
but go 1.16 would select v1.2.0
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server imports
github.com/theupdateframework/notary/utils imports
github.com/spf13/viper imports
github.com/spf13/afero loaded from github.com/spf13/afero@v1.1.2,
but go 1.16 would select v1.2.2
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server imports
github.com/theupdateframework/notary/utils imports
github.com/spf13/viper imports
github.com/spf13/cast loaded from github.com/spf13/cast@v1.3.0,
but go 1.16 would select v1.3.1
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server imports
github.com/theupdateframework/notary/utils imports
github.com/spf13/viper imports
github.com/spf13/jwalterweatherman loaded from github.com/spf13/jwalterweatherman@v1.0.0,
but go 1.16 would select v1.1.0
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server imports
github.com/theupdateframework/notary/utils imports
github.com/spf13/viper imports
gopkg.in/ini.v1 loaded from gopkg.in/ini.v1@v1.51.0,
but go 1.16 would select v1.56.0
github.com/docker/cli/cli/command imports
github.com/theupdateframework/notary/client tested by
github.com/theupdateframework/notary/client.test imports
github.com/theupdateframework/notary/server imports
github.com/theupdateframework/notary/utils imports
github.com/spf13/viper imports
github.com/spf13/afero imports
github.com/spf13/afero/mem loaded from github.com/spf13/afero@v1.1.2,
but go 1.16 would select v1.2.2
To upgrade to the versions selected by go 1.16:
go mod tidy -go=1.16 && go mod tidy -go=1.17
If reproducibility with go 1.16 is not needed:
go mod tidy -compat=1.17
For other options, see:
https://golang.org/doc/modules/pruning
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: 5770296d90...3147a52a75
This version contains a fix for CVE-2022-27191 (not sure if it affects us).
From the golang mailing list:
Hello gophers,
Version v0.0.0-20220315160706-3147a52a75dd of golang.org/x/crypto/ssh implements
client authentication support for signature algorithms based on SHA-2 for use with
existing RSA keys.
Previously, a client would fail to authenticate with RSA keys to servers that
reject signature algorithms based on SHA-1. This includes OpenSSH 8.8 by default
and—starting today March 15, 2022 for recently uploaded keys.
We are providing this announcement as the error (“ssh: unable to authenticate”)
might otherwise be difficult to troubleshoot.
Version v0.0.0-20220314234659-1baeb1ce4c0b (included in the version above) also
fixes a potential security issue where an attacker could cause a crash in a
golang.org/x/crypto/ssh server under these conditions:
- The server has been configured by passing a Signer to ServerConfig.AddHostKey.
- The Signer passed to AddHostKey does not also implement AlgorithmSigner.
- The Signer passed to AddHostKey does return a key of type “ssh-rsa” from its PublicKey method.
Servers that only use Signer implementations provided by the ssh package are
unaffected. This is CVE-2022-27191.
Alla prossima,
Filippo for the Go Security team
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Changed `matcher.Matches(file)` to `matcher.MatchesOrParentMatches(file)`:
cli/command/image/build/context.go:95:9: SA1019: matcher.Matches is deprecated: This implementation is buggy (it only checks a single parent dir against the pattern) and will be removed soon. Use either MatchesOrParentMatches or MatchesUsingParentResults instead. (staticcheck)
return matcher.Matches(file)
^
And updated a test to match the JSON omitting empty RootFS.Type fields (in
practice, this field should never be empty in real situations, and always
be "layer"). Changed the test to use subtests to easier find which case
is failing.
full diff: 343665850e...83b51522df
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: https://github.com/gotestyourself/gotest.tools/compare/v3.0.3...v3.1.0
noteworthy changes:
- ci: add go1.16
- ci: add go1.17, remove go1.13
- golden: only create dir if update flag is set
- icmd: replace all usages of os/exec with golang.org/x/sys/execabs
- assert: ErrorIs
- fs: add DirFromPath
- Stop creating directory outside of testdata
- fs: Fix comparing symlink permissions
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These dependencies were either unused, or go modules already resolved them
to the same version as specified in the replace rule, so those could be
removed.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
These were an "upgrade" not a "downgrade" (It was put in vendor.conf
to push it ahead of the version resolved by go mod). Let's move it
to the "requires" section as an indirect, that way it will dissolve
once other modules require this version or up.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>