Paweł Gronowski
6d1c387af2
vendor: github.com/docker/docker ac2de55998d4 (v26.1.1)
...
full diff: c8af8ebe4a...ac2de55998
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-04-30 11:55:51 +02:00
Paweł Gronowski
aec1d364bf
vendor: github.com/docker/docker v26.1.0-dev (c8af8ebe4a89)
...
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-04-22 18:53:51 +02:00
Paweł Gronowski
6ad512068c
vendor: github.com/docker/docker v26.1.0-dev (ee8b788538ea)
...
no changes in vendored files
full diff: f9dfd139ec...ee8b788538
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-04-19 15:04:28 +02:00
Laura Brehm
5515b86514
vendor: github.com/docker/docker v26.0.1-0.20240410103514-f9dfd139ec0d+incompatible (master)
...
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-04-10 16:07:09 +01:00
Laura Brehm
c1053bf9d4
vendor: github.com/moby/swarmkit/v2 v2.0.0-20240227173239-911c97650f2e
...
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-04-10 16:02:34 +01:00
Laura Brehm
8a3a7b9458
vendor: github.com/containerd/containerd v1.7.15
...
Signed-off-by: Laura Brehm <laurabrehm@hey.com>
2024-04-10 15:52:37 +01:00
Sebastiaan van Stijn
5fcbbde4b9
vendor: golang.org/x/net v0.23.0
...
full diff: https://github.com/golang/net/compare/v0.22.0...v0.23.0
Includes a fix for CVE-2023-45288, which is also addressed in go1.22.2
and go1.21.9;
> http2: close connections when receiving too many headers
>
> Maintaining HPACK state requires that we parse and process
> all HEADERS and CONTINUATION frames on a connection.
> When a request's headers exceed MaxHeaderBytes, we don't
> allocate memory to store the excess headers but we do
> parse them. This permits an attacker to cause an HTTP/2
> endpoint to read arbitrary amounts of data, all associated
> with a request which is going to be rejected.
>
> Set a limit on the amount of excess header frames we
> will process before closing a connection.
>
> Thanks to Bartek Nowotarski for reporting this issue.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-04-09 14:52:51 +02:00
Sebastiaan van Stijn
4745b957d2
vendor: golang.org/x/net v0.22.0, golang.org/x/crypto v0.21.0
...
full diffs changes relevant to vendored code:
- https://github.com/golang/net/compare/v0.19.0...v0.22.0
- http2: remove suspicious uint32->v conversion in frame code
- http2: send an error of FLOW_CONTROL_ERROR when exceed the maximum octets
- https://github.com/golang/crypto/compare/v0.17.0...v0.21.0
- (no changes in vendored code)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-04-09 14:50:53 +02:00
Sebastiaan van Stijn
c7a50ebb9f
vendor: golang.org/x/term v0.18.0
...
no changes in vendored code
full diff: https://github.com/golang/term/compare/v0.15.0...v0.18.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-04-09 14:47:48 +02:00
Sebastiaan van Stijn
9a2133f2d4
vendor: golang.org/x/sys v0.18.0
...
full diff: https://github.com/golang/sys/compare/v0.16.0...v0.18.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-04-09 14:46:54 +02:00
Jonathan A. Sternberg
89db01ef97
cli: add otel sdk tracing and metric providers to the core cli
...
This adds the code used by buildx and compose into the default CLI
program to help normalize the usage of these APIs and allow code reuse
between projects. It also allows these projects to benefit from
improvements or changes that may be made by another team.
At the moment, these APIs are a pretty thin layer on the OTEL SDK. It
configures an additional exporter to a docker endpoint that's used for
usage collection and is only active if the option is configured in
docker desktop.
This also upgrades the OTEL version to v1.19 which is the one being used
by buildkit, buildx, compose, etc.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
2024-03-25 11:11:34 -05:00
Paweł Gronowski
fdb48a0664
vendor: github.com/docker/docker v26.0.0
...
no changes in vendored files
full diff: https://github.com/docker/docker/compare/8b79278316b5...v26.0.0
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-22 11:41:42 +01:00
Paweł Gronowski
69575f6175
vendor: github.com/docker/docker 8b79278316b5 (master)
...
no changes in vendored files
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-20 15:45:19 +01:00
Paweł Gronowski
b70a26deaf
vendor: github.com/docker/docker 330d777c53fb (v26.0.0-rc3-dev)
...
full diff: 70e46f2c7c...330d777c53
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-19 14:31:41 +01:00
Sebastiaan van Stijn
38c3ff67aa
vendor: github.com/docker/docker 70e46f2c7c2d (v26.0.0-rc3-dev)
...
full diff: https://github.com/docker/docker/compare/v26.0.0-rc2...70e46f2c7c2df8d8cc483d9831a907b12efa201b
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-03-16 16:53:20 +01:00
Sebastiaan van Stijn
a4a79d75c0
vendor: google.golang.org/protobuf v1.33.0, github.com/golang/protobuf v1.5.4
...
full diffs:
- https://github.com/protocolbuffers/protobuf-go/compare/v1.31.0...v1.33.0
- https://github.com/golang/protobuf/compare/v1.5.3...v1.5.4
From the Go security announcement list;
> Version v1.33.0 of the google.golang.org/protobuf module fixes a bug in
> the google.golang.org/protobuf/encoding/protojson package which could cause
> the Unmarshal function to enter an infinite loop when handling some invalid
> inputs.
>
> This condition could only occur when unmarshaling into a message which contains
> a google.protobuf.Any value, or when the UnmarshalOptions.UnmarshalUnknown
> option is set. Unmarshal now correctly returns an error when handling these
> inputs.
>
> This is CVE-2024-24786.
In a follow-up post;
> A small correction: This vulnerability applies when the UnmarshalOptions.DiscardUnknown
> option is set (as well as when unmarshaling into any message which contains a
> google.protobuf.Any). There is no UnmarshalUnknown option.
>
> In addition, version 1.33.0 of google.golang.org/protobuf inadvertently
> introduced an incompatibility with the older github.com/golang/protobuf
> module. (https://github.com/golang/protobuf/issues/1596 ) Users of the older
> module should update to github.com/golang/protobuf@v1.5.4.
govulncheck results in our code shows that this does not affect the CLI:
govulncheck ./...
Scanning your code and 448 packages across 72 dependent modules for known vulnerabilities...
=== Symbol Results ===
No vulnerabilities found.
Your code is affected by 0 vulnerabilities.
This scan also found 1 vulnerability in packages you import and 0
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-03-16 16:41:42 +01:00
Sebastiaan van Stijn
115c8d56e5
vendor: github.com/containerd/containerd v1.7.14
...
no changes in vendored files, but now requires go1.21
full diff: https://github.com/containerd/containerd/compare/v1.7.13...v1.7.14
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-03-16 16:41:38 +01:00
Paweł Gronowski
645b973521
vendor: github.com/docker/docker v26.0.0-rc2
...
full diff: https://github.com/docker/docker/compare/f4c696eef17d...v26.0.0-rc2
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-08 17:10:05 +01:00
Paweł Gronowski
a8379092af
vendor: github.com/docker/docker f4c696eef17d62a42
...
full diff: https://github.com/docker/docker/compare/v26.0.0-rc1+incompatible...f4c696eef17d62a421877d95c4810185750c5641
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-03-07 19:13:04 +01:00
Paweł Gronowski
5e80232398
vendor: github.com/docker/docker v26.0.0-rc1
...
full diff: https://github.com/docker/docker/compare/c70d7905fbd9...v26.0.0-rc1
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
test: update fixtures
Signed-off-by: Alano Terblanche <18033717+Benehiko@users.noreply.github.com>
2024-03-01 18:23:25 +01:00
Sebastiaan van Stijn
acc675014f
vendor: github.com/docker/docker c70d7905fbd9 (v26.0.0-dev)
...
full diff: 86b86412a1...c70d7905fb
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:54:20 +01:00
Sebastiaan van Stijn
79541b7e21
vendor: google.golang.org/grpc v1.59.0
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:53:12 +01:00
Sebastiaan van Stijn
096ced0894
vendor: OTEL v0.46.1 / v1.21.0
...
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:50:23 +01:00
Sebastiaan van Stijn
f3c77df31e
vendor: github.com/prometheus/client_golang v1.17.0
...
full diffs:
- https://github.com/prometheus/client_golang/compare/v1.14.0...v1.17.0
- https://github.com/prometheus/client_model/compare/v0.3.0...v0.5.0
- https://github.com/prometheus/common/compare/v0.42.0...v0.44.0
- https://github.com/prometheus/procfs/compare/v0.9.0...v0.12.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:45:07 +01:00
Sebastiaan van Stijn
1b42d04d63
vendor: github.com/go-logr/logr v1.3.0
...
full diff: https://github.com/go-logr/logr/compare/v1.2.4...v1.3.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:39:47 +01:00
Sebastiaan van Stijn
f5a29ff8eb
vendor: github.com/containerd/containerd v1.7.13
...
no changes in vendored files
full diff: https://github.com/containerd/containerd/compare/v1.7.12...v1.7.13
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-26 17:36:46 +01:00
Sebastiaan van Stijn
df6220d434
vendor: github.com/docker/docker 86b86412a1b7 (v26.0-dev)
...
full diff: 9e075f3808...86b86412a1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-10 12:26:39 +01:00
Sebastiaan van Stijn
324309b086
vendor: github.com/docker/docker 9e075f3808a5 (master, v26.0.0-dev)
...
Vendor docker/docker with API < 1.24 removed. This should not affect client
code.
43ffb1ee9d..9e075f3808
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-07 02:27:53 +01:00
Sebastiaan van Stijn
93ad9fbdf6
vendor: github.com/moby/swarmkit/v2 v2.0.0-20240125134710-dcda100a8261
...
full diff: f082dd7a0c...dcda100a82
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-02-07 02:23:51 +01:00
Paweł Gronowski
68dac842a1
vendor: github.com/docker/docker 43ffb1ee9d5a (v26.0.0-dev)
...
full diff: https://github.com/docker/docker/compare/v25.0.0...43ffb1ee9d5a
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2024-01-24 14:59:08 +01:00
Sebastiaan van Stijn
4b1ed1f442
vendor: github.com/docker/docker v25.0.1
...
relevant changes:
- Fix isGitURL regular expression
- pkg/system: return even richer xattr errors
full diff: https://github.com/moby/moby/compare/v25.0.0...v25.0.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-24 12:17:20 +01:00
Sebastiaan van Stijn
337dd82d8b
vendor: github.com/docker/docker v25.0.0
...
full diff: https://github.com/docker/docker/compare/v25.0.0-rc.3...v25.0.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-19 15:03:52 +01:00
Sebastiaan van Stijn
cdb1c105f6
vendor: github.com/docker/docker v25.0.0-rc.3
...
full diff: https://github.com/moby/moby/compare/v25.0.0-rc.2...v25.0.0-rc.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-17 23:28:28 +01:00
Sebastiaan van Stijn
21c2536051
vendor: golang.org/x/sys v0.16.0
...
full diff: https://github.com/golang/sys/compare/v0.15.0...v0.16.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-15 12:01:27 +01:00
Sebastiaan van Stijn
d868dca00f
vendor: github.com/docker/docker v25.0.0-rc.2
...
- feat: make errdefs.IsXXX helper functions work with wrapped errors
full diff: https://github.com/moby/moby/compare/v25.0.0-rc.1...v25.0.0-rc.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-13 02:08:29 +01:00
Sebastiaan van Stijn
8b6ffbdf77
vendor: github.com/containerd/containerd v1.7.12
...
- full diff: https://github.com/containerd/containerd/compare/v1.7.11...v1.7.12
- release notes: https://github.com/containerd/containerd/releases/tag/v1.7.12
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-12 19:31:12 +01:00
Sebastiaan van Stijn
a5e5563f13
vendor: github.com/docker/docker-credential-helpers v0.8.1
...
full diff: https://github.com/docker/docker-credential-helpers/compare/v0.8.0...v0.8.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-10 22:35:03 +01:00
Sebastiaan van Stijn
9db56ea2f6
vendor: golang.org/x/tools v0.16.0, golang.org/x/mod v0.14.0
...
removes dependency on golang.org/x/sys/execabs
full diff:
- https://github.com/golang/tools/compare/v0.10.0...v0.16.0
- https://github.com/golang/mod/compare/v0.11.0...v0.14.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 11:02:26 +01:00
Sebastiaan van Stijn
efae960e5a
vendor: golang.org/x/net v0.19.0
...
drops various code to support go1.17 and older
full diff: https://golang.org/x/net/compare/v0.17.0...v0.19.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:55:39 +01:00
Sebastiaan van Stijn
996cce9098
vendor: golang.org/x/sync v0.6.0
...
full diff: https://github.com/golang/sync/compare/v0.3.0...v0.6.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:52:47 +01:00
Sebastiaan van Stijn
4b10e55256
vendor: github.com/google/go-cmp v0.6.0
...
- removes purego fallbacks
full diff: https://github.com/google/go-cmp/compare/v0.5.9...v0.6.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:25:45 +01:00
Sebastiaan van Stijn
1ebc233b4b
vendor: github.com/creack/pty v1.1.21
...
full diff: https://github.com/creack/pty/compare/v1.18.0...v1.21.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-08 10:22:09 +01:00
Sebastiaan van Stijn
b4fe77a124
vendor: github.com/docker/go-connections v0.5.0
...
no diff, as the tag is the same commit as we used already;
https://github.com/docker/go-connections/compare/fa09c952e3ea...v0.5.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-05 18:25:04 +01:00
Sebastiaan van Stijn
b43ea528b8
vendor: github.com/docker/docker v25.0.0-rc.1
...
full diff: https://github.com/docker/docker/compare/v25.0.0-beta.3...v25.0.0-rc.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2024-01-05 13:23:48 +01:00
Sebastiaan van Stijn
c1016c05cf
vendor: github.com/mitchellh/mapstructure v1.5.0
...
note that this repository will be sunset, and the "endorsed" fork will be
maintened by "go-viper"; see [mapstructure#349][1]
[1]: https://github.com/mitchellh/mapstructure/issues/349
full diff: https://github.com/mitchellh/mapstructure/compare/v1.3.2...v1.5.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-27 17:42:31 +01:00
Sebastiaan van Stijn
eed2d9c765
Merge pull request #4742 from thaJeztah/bump_runewidth
...
vendor: github.com/mattn/go-runewidth v0.0.15
2023-12-27 17:05:40 +01:00
Sebastiaan van Stijn
58524685da
vendor: github.com/mattn/go-runewidth v0.0.15
...
no code-changes, but project updated CI to test against current
Go versions;
https://github.com/mattn/go-runewidth/compare/v0.0.14...v0.0.15
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-27 10:40:19 +01:00
Sebastiaan van Stijn
1e38fc3b9d
vendor: github.com/klauspost/compress v1.17.4
...
full diff: https://github.com/klauspost/compress/compare/v1.17.2...v1.17.4
v1.17.4:
- huff0: Speed up symbol counting
- huff0: Remove byteReader
- gzhttp: Allow overriding decompression on transport
- gzhttp: Clamp compression level
- gzip: Error out if reserved bits are set
v1.17.3:
- fse: Fix max header size
- zstd: Improve better/best compression
- gzhttp: Fix missing content type on Close
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-27 10:34:40 +01:00
Sebastiaan van Stijn
0fa3a365f7
vendor: github.com/docker/docker v25.0.0-beta.3
...
no diff, just the tag (which is the same as the previous commit);
https://github.com/moby/moby/compare/7bc56c53657d...v25.0.0-beta.3
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-12-21 16:41:36 +01:00
Albin Kerouanton
336787c50a
vendor: github.com/docker/docker 7bc56c53657d (v25.0.0-dev)
...
full diff: 388216fc45...7bc56c5365
Signed-off-by: Albin Kerouanton <albinker@gmail.com>
2023-12-20 22:51:51 +01:00