diff --git a/go.mod b/go.mod
index 61a91c9026..d760dced70 100644
--- a/go.mod
+++ b/go.mod
@@ -23,7 +23,7 @@ require (
github.com/cyphar/filepath-securejoin v0.4.1
github.com/digitalocean/go-qemu v0.0.0-20250212194115-ee9b0668d242
github.com/docker/distribution v2.8.3+incompatible
- github.com/docker/docker v28.4.0+incompatible
+ github.com/docker/docker v28.5.1+incompatible
github.com/docker/go-connections v0.6.0
github.com/docker/go-plugins-helpers v0.0.0-20240701071450-45e2431495c8
github.com/docker/go-units v0.5.0
@@ -65,10 +65,10 @@ require (
github.com/vbauerster/mpb/v8 v8.10.2
github.com/vishvananda/netlink v1.3.1
go.etcd.io/bbolt v1.4.3
- go.podman.io/common v0.65.1-0.20250925174758-4cf0ff781bfc
- go.podman.io/image/v5 v5.37.0
- go.podman.io/storage v1.60.0
- golang.org/x/crypto v0.42.0
+ go.podman.io/common v0.65.1-0.20251016133615-aa970d2c7532
+ go.podman.io/image/v5 v5.37.1-0.20251016133615-aa970d2c7532
+ go.podman.io/storage v1.60.1-0.20251016133615-aa970d2c7532
+ golang.org/x/crypto v0.43.0
golang.org/x/net v0.45.0
golang.org/x/sync v0.17.0
golang.org/x/sys v0.37.0
@@ -106,7 +106,7 @@ require (
github.com/digitalocean/go-libvirt v0.0.0-20220804181439-8648fbde413e // indirect
github.com/disiqueira/gotree/v3 v3.0.2 // indirect
github.com/distribution/reference v0.6.0 // indirect
- github.com/docker/docker-credential-helpers v0.9.3 // indirect
+ github.com/docker/docker-credential-helpers v0.9.4 // indirect
github.com/ebitengine/purego v0.9.0 // indirect
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.9.0 // indirect
@@ -119,7 +119,7 @@ require (
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/protobuf v1.5.4 // indirect
github.com/google/go-cmp v0.7.0 // indirect
- github.com/google/go-containerregistry v0.20.4-0.20250225234217-098045d5e61f // indirect
+ github.com/google/go-containerregistry v0.20.6 // indirect
github.com/google/go-intervals v0.0.2 // indirect
github.com/google/pprof v0.0.0-20250820193118-f64d9cf942d6 // indirect
github.com/hashicorp/errwrap v1.1.0 // indirect
@@ -135,7 +135,7 @@ require (
github.com/mattn/go-runewidth v0.0.16 // indirect
github.com/mdlayher/socket v0.5.1 // indirect
github.com/miekg/pkcs11 v1.1.1 // indirect
- github.com/mistifyio/go-zfs/v3 v3.0.1 // indirect
+ github.com/mistifyio/go-zfs/v3 v3.1.0 // indirect
github.com/moby/buildkit v0.23.2 // indirect
github.com/moby/go-archive v0.1.0 // indirect
github.com/moby/patternmatcher v0.6.0 // indirect
@@ -145,7 +145,7 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/morikuni/aec v1.0.0 // indirect
- github.com/opencontainers/runc v1.3.1 // indirect
+ github.com/opencontainers/runc v1.3.2 // indirect
github.com/pkg/errors v0.9.1 // indirect
github.com/pkg/sftp v1.13.9 // indirect
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
@@ -159,11 +159,11 @@ require (
github.com/sigstore/fulcio v1.7.1 // indirect
github.com/sigstore/protobuf-specs v0.4.1 // indirect
github.com/sigstore/sigstore v1.9.5 // indirect
- github.com/skeema/knownhosts v1.3.1 // indirect
+ github.com/skeema/knownhosts v1.3.2 // indirect
github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 // indirect
github.com/smallstep/pkcs7 v0.1.1 // indirect
github.com/stefanberger/go-pkcs11uri v0.0.0-20230803200340-78284954bff6 // indirect
- github.com/sylabs/sif/v2 v2.21.1 // indirect
+ github.com/sylabs/sif/v2 v2.22.0 // indirect
github.com/tchap/go-patricia/v2 v2.3.3 // indirect
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
github.com/tklauser/go-sysconf v0.3.15 // indirect
@@ -174,18 +174,18 @@ require (
github.com/vishvananda/netns v0.0.5 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
- go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 // indirect
- go.opentelemetry.io/otel v1.35.0 // indirect
- go.opentelemetry.io/otel/metric v1.35.0 // indirect
- go.opentelemetry.io/otel/trace v1.35.0 // indirect
+ go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 // indirect
+ go.opentelemetry.io/otel v1.36.0 // indirect
+ go.opentelemetry.io/otel/metric v1.36.0 // indirect
+ go.opentelemetry.io/otel/trace v1.36.0 // indirect
go.uber.org/automaxprocs v1.6.0 // indirect
go.yaml.in/yaml/v2 v2.4.2 // indirect
go.yaml.in/yaml/v3 v3.0.4 // indirect
- golang.org/x/mod v0.27.0 // indirect
- golang.org/x/oauth2 v0.30.0 // indirect
- golang.org/x/text v0.29.0 // indirect
+ golang.org/x/mod v0.28.0 // indirect
+ golang.org/x/oauth2 v0.32.0 // indirect
+ golang.org/x/text v0.30.0 // indirect
golang.org/x/time v0.11.0 // indirect
- golang.org/x/tools v0.36.0 // indirect
+ golang.org/x/tools v0.37.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20250414145226-207652e42e2e // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20250414145226-207652e42e2e // indirect
google.golang.org/grpc v1.72.2 // indirect
diff --git a/go.sum b/go.sum
index 9578ed7b36..3bfa4c873d 100644
--- a/go.sum
+++ b/go.sum
@@ -102,14 +102,14 @@ github.com/disiqueira/gotree/v3 v3.0.2 h1:ik5iuLQQoufZBNPY518dXhiO5056hyNBIK9lWh
github.com/disiqueira/gotree/v3 v3.0.2/go.mod h1:ZuyjE4+mUQZlbpkI24AmruZKhg3VHEgPLDY8Qk+uUu8=
github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
-github.com/docker/cli v28.4.0+incompatible h1:RBcf3Kjw2pMtwui5V0DIMdyeab8glEw5QY0UUU4C9kY=
-github.com/docker/cli v28.4.0+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
+github.com/docker/cli v28.5.1+incompatible h1:ESutzBALAD6qyCLqbQSEf1a/U8Ybms5agw59yGVc+yY=
+github.com/docker/cli v28.5.1+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v28.4.0+incompatible h1:KVC7bz5zJY/4AZe/78BIvCnPsLaC9T/zh72xnlrTTOk=
-github.com/docker/docker v28.4.0+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
-github.com/docker/docker-credential-helpers v0.9.3 h1:gAm/VtF9wgqJMoxzT3Gj5p4AqIjCBS4wrsOh9yRqcz8=
-github.com/docker/docker-credential-helpers v0.9.3/go.mod h1:x+4Gbw9aGmChi3qTLZj8Dfn0TD20M/fuWy0E5+WDeCo=
+github.com/docker/docker v28.5.1+incompatible h1:Bm8DchhSD2J6PsFzxC35TZo4TLGR2PdW/E69rU45NhM=
+github.com/docker/docker v28.5.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker-credential-helpers v0.9.4 h1:76ItO69/AP/V4yT9V4uuuItG0B1N8hvt0T0c0NN/DzI=
+github.com/docker/docker-credential-helpers v0.9.4/go.mod h1:v1S+hepowrQXITkEfw6o4+BMbGot02wiKpzWhGUZK6c=
github.com/docker/go-connections v0.6.0 h1:LlMG9azAe1TqfR7sO+NJttz1gy6KO7VJBh+pMmjSD94=
github.com/docker/go-connections v0.6.0/go.mod h1:AahvXYshr6JgfUJGdDCs2b5EZG/vmaMAntpSFH5BFKE=
github.com/docker/go-metrics v0.0.1 h1:AgB/0SvBxihN0X8OR4SjsblXkbMvalQ8cjmtKQ2rQV8=
@@ -164,8 +164,8 @@ github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6
github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
-github.com/google/go-containerregistry v0.20.4-0.20250225234217-098045d5e61f h1:q+kbH7LI4wK3gNCxyvy2rFldJqAAB+Gch79/xj9/+GU=
-github.com/google/go-containerregistry v0.20.4-0.20250225234217-098045d5e61f/go.mod h1:UnXV0UkKqoHbzwn49vfozmwMcLMS8XLLsVKVuhv3cGc=
+github.com/google/go-containerregistry v0.20.6 h1:cvWX87UxxLgaH76b4hIvya6Dzz9qHB31qAwjAohdSTU=
+github.com/google/go-containerregistry v0.20.6/go.mod h1:T0x8MuoAoKX/873bkeSfLD2FAkwCDf9/HZgsFJ02E2Y=
github.com/google/go-intervals v0.0.2 h1:FGrVEiUnTRKR8yE04qzXYaJMtnIYqobR5QbblK3ixcM=
github.com/google/go-intervals v0.0.2/go.mod h1:MkaR3LNRfeKLPmqgJYs4E66z5InYjmCjbbr4TQlcT6Y=
github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
@@ -261,8 +261,8 @@ github.com/mfridman/tparse v0.18.0 h1:wh6dzOKaIwkUGyKgOntDW4liXSo37qg5AXbIhkMV3v
github.com/mfridman/tparse v0.18.0/go.mod h1:gEvqZTuCgEhPbYk/2lS3Kcxg1GmTxxU7kTC8DvP0i/A=
github.com/miekg/pkcs11 v1.1.1 h1:Ugu9pdy6vAYku5DEpVWVFPYnzV+bxB+iRdbuFSu7TvU=
github.com/miekg/pkcs11 v1.1.1/go.mod h1:XsNlhZGX73bx86s2hdc/FuaLm2CPZJemRLMA+WTFxgs=
-github.com/mistifyio/go-zfs/v3 v3.0.1 h1:YaoXgBePoMA12+S1u/ddkv+QqxcfiZK4prI6HPnkFiU=
-github.com/mistifyio/go-zfs/v3 v3.0.1/go.mod h1:CzVgeB0RvF2EGzQnytKVvVSDwmKJXxkOTUGbNrTja/k=
+github.com/mistifyio/go-zfs/v3 v3.1.0 h1:FZaylcg0hjUp27i23VcJJQiuBeAZjrC8lPqCGM1CopY=
+github.com/mistifyio/go-zfs/v3 v3.1.0/go.mod h1:CzVgeB0RvF2EGzQnytKVvVSDwmKJXxkOTUGbNrTja/k=
github.com/moby/buildkit v0.23.2 h1:gt/dkfcpgTXKx+B9I310kV767hhVqTvEyxGgI3mqsGQ=
github.com/moby/buildkit v0.23.2/go.mod h1:iEjAfPQKIuO+8y6OcInInvzqTMiKMbb2RdJz1K/95a0=
github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
@@ -306,8 +306,8 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
-github.com/opencontainers/runc v1.3.1 h1:c/yY0oh2wK7tzDuD56REnSxyU8ubh8hoAIOLGLrm4SM=
-github.com/opencontainers/runc v1.3.1/go.mod h1:9wbWt42gV+KRxKRVVugNP6D5+PQciRbenB4fLVsqGPs=
+github.com/opencontainers/runc v1.3.2 h1:GUwgo0Fx9M/pl2utaSYlJfdBcXAB/CZXDxe322lvJ3Y=
+github.com/opencontainers/runc v1.3.2/go.mod h1:F7UQQEsxcjUNnFpT1qPLHZBKYP7yWwk6hq8suLy9cl0=
github.com/opencontainers/runtime-spec v1.2.1 h1:S4k4ryNgEpxW1dzyqffOmhI1BHYcjzU8lpJfSlR0xww=
github.com/opencontainers/runtime-spec v1.2.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
github.com/opencontainers/runtime-tools v0.9.1-0.20250523060157-0ea5ed0382a2 h1:2xZEHOdeQBV6PW8ZtimN863bIOl7OCW/X10K0cnxKeA=
@@ -351,8 +351,8 @@ github.com/rootless-containers/rootlesskit/v2 v2.3.5/go.mod h1:83EIYLeMX8UeNgLHk
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/santhosh-tekuri/jsonschema/v6 v6.0.2 h1:KRzFb2m7YtdldCEkzs6KqmJw4nqEVZGK7IN2kJkjTuQ=
github.com/santhosh-tekuri/jsonschema/v6 v6.0.2/go.mod h1:JXeL+ps8p7/KNMjDQk3TCwPpBy0wYklyWTfbkIzdIFU=
-github.com/sebdah/goldie/v2 v2.5.5 h1:rx1mwF95RxZ3/83sdS4Yp7t2C5TCokvWP4TBRbAyEWY=
-github.com/sebdah/goldie/v2 v2.5.5/go.mod h1:oZ9fp0+se1eapSRjfYbsV/0Hqhbuu3bJVvKI/NNtssI=
+github.com/sebdah/goldie/v2 v2.7.1 h1:PkBHymaYdtvEkZV7TmyqKxdmn5/Vcj+8TpATWZjnG5E=
+github.com/sebdah/goldie/v2 v2.7.1/go.mod h1:oZ9fp0+se1eapSRjfYbsV/0Hqhbuu3bJVvKI/NNtssI=
github.com/seccomp/libseccomp-golang v0.11.1 h1:wuk4ZjSx6kyQII4rj6G6fvVzRHQaSiPvccJazDagu4g=
github.com/seccomp/libseccomp-golang v0.11.1/go.mod h1:5m1Lk8E9OwgZTTVz4bBOer7JuazaBa+xTkM895tDiWc=
github.com/secure-systems-lab/go-securesystemslib v0.9.1 h1:nZZaNz4DiERIQguNy0cL5qTdn9lR8XKHf4RUyG1Sx3g=
@@ -371,8 +371,8 @@ github.com/sigstore/sigstore v1.9.5 h1:Wm1LT9yF4LhQdEMy5A2JeGRHTrAWGjT3ubE5JUSrG
github.com/sigstore/sigstore v1.9.5/go.mod h1:VtxgvGqCmEZN9X2zhFSOkfXxvKUjpy8RpUW39oCtoII=
github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ=
github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
-github.com/skeema/knownhosts v1.3.1 h1:X2osQ+RAjK76shCbvhHHHVl3ZlgDm8apHEHFqRjnBY8=
-github.com/skeema/knownhosts v1.3.1/go.mod h1:r7KTdC8l4uxWRyK2TpQZ/1o5HaSzh06ePQNxPwTcfiY=
+github.com/skeema/knownhosts v1.3.2 h1:EDL9mgf4NzwMXCTfaxSD/o/a5fxDw/xL9nkU28JjdBg=
+github.com/skeema/knownhosts v1.3.2/go.mod h1:bEg3iQAuw+jyiw+484wwFJoKSLwcfd7fqRy+N0QTiow=
github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966 h1:JIAuq3EEf9cgbU6AtGPK4CTG3Zf6CKMNqf0MHTggAUA=
github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966/go.mod h1:sUM3LWHvSMaG192sy56D9F7CNvL7jUJVXoqM1QKLnog=
github.com/smallstep/pkcs7 v0.1.1 h1:x+rPdt2W088V9Vkjho4KtoggyktZJlMduZAtRHm68LU=
@@ -393,8 +393,8 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
-github.com/sylabs/sif/v2 v2.21.1 h1:GZ0b5//AFAqJEChd8wHV/uSKx/l1iuGYwjR8nx+4wPI=
-github.com/sylabs/sif/v2 v2.21.1/go.mod h1:YoqEGQnb5x/ItV653bawXHZJOXQaEWpGwHsSD3YePJI=
+github.com/sylabs/sif/v2 v2.22.0 h1:Y+xXufp4RdgZe02SR3nWEg7S6q4tPWN237WHYzkDSKA=
+github.com/sylabs/sif/v2 v2.22.0/go.mod h1:W1XhWTmG1KcG7j5a3KSYdMcUIFvbs240w/MMVW627hs=
github.com/tchap/go-patricia/v2 v2.3.3 h1:xfNEsODumaEcCcY3gI0hYPZ/PcpVv5ju6RMAhgwZDDc=
github.com/tchap/go-patricia/v2 v2.3.3/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k=
github.com/tidwall/gjson v1.18.0 h1:FIDeeyB800efLX89e5a8Y0BNH+LOngJyGrIWxG2FKQY=
@@ -453,30 +453,30 @@ go.etcd.io/bbolt v1.4.3 h1:dEadXpI6G79deX5prL3QRNP6JB8UxVkqo4UPnHaNXJo=
go.etcd.io/bbolt v1.4.3/go.mod h1:tKQlpPaYCVFctUIgFKFnAlvbmB3tpy1vkTnDWohtc0E=
go.opentelemetry.io/auto/sdk v1.1.0 h1:cH53jehLUN6UFLY71z+NDOiNJqDdPRaXzTel0sJySYA=
go.opentelemetry.io/auto/sdk v1.1.0/go.mod h1:3wSPjt5PWp2RhlCcmmOial7AvC4DQqZb7a7wCow3W8A=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0 h1:sbiXRNDSWJOTobXh5HyQKjq6wUC5tNybqjIqDpAY4CU=
-go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0/go.mod h1:69uWxva0WgAA/4bu2Yy70SLDBwZXuQ6PbBpbsa5iZrQ=
-go.opentelemetry.io/otel v1.35.0 h1:xKWKPxrxB6OtMCbmMY021CqC45J+3Onta9MqjhnusiQ=
-go.opentelemetry.io/otel v1.35.0/go.mod h1:UEqy8Zp11hpkUrL73gSlELM0DupHoiq72dR+Zqel/+Y=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0 h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus=
+go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q=
+go.opentelemetry.io/otel v1.36.0 h1:UumtzIklRBY6cI/lllNZlALOF5nNIzJVb16APdvgTXg=
+go.opentelemetry.io/otel v1.36.0/go.mod h1:/TcFMXYjyRNh8khOAO9ybYkqaDBb/70aVwkNML4pP8E=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0 h1:1fTNlAIJZGWLP5FVu0fikVry1IsiUnXjf7QFvoNN3Xw=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0/go.mod h1:zjPK58DtkqQFn+YUMbx0M2XV3QgKU0gS9LeGohREyK4=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0 h1:xJ2qHD0C1BeYVTLLR9sX12+Qb95kfeD/byKj6Ky1pXg=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0/go.mod h1:u5BF1xyjstDowA1R5QAO9JHzqK+ublenEW/dyqTjBVk=
-go.opentelemetry.io/otel/metric v1.35.0 h1:0znxYu2SNyuMSQT4Y9WDWej0VpcsxkuklLa4/siN90M=
-go.opentelemetry.io/otel/metric v1.35.0/go.mod h1:nKVFgxBZ2fReX6IlyW28MgZojkoAkJGaE8CpgeAU3oE=
-go.opentelemetry.io/otel/sdk v1.35.0 h1:iPctf8iprVySXSKJffSS79eOjl9pvxV9ZqOWT0QejKY=
-go.opentelemetry.io/otel/sdk v1.35.0/go.mod h1:+ga1bZliga3DxJ3CQGg3updiaAJoNECOgJREo9KHGQg=
-go.opentelemetry.io/otel/sdk/metric v1.35.0 h1:1RriWBmCKgkeHEhM7a2uMjMUfP7MsOF5JpUCaEqEI9o=
-go.opentelemetry.io/otel/sdk/metric v1.35.0/go.mod h1:is6XYCUMpcKi+ZsOvfluY5YstFnhW0BidkR+gL+qN+w=
-go.opentelemetry.io/otel/trace v1.35.0 h1:dPpEfJu1sDIqruz7BHFG3c7528f6ddfSWfFDVt/xgMs=
-go.opentelemetry.io/otel/trace v1.35.0/go.mod h1:WUk7DtFp1Aw2MkvqGdwiXYDZZNvA/1J8o6xRXLrIkyc=
+go.opentelemetry.io/otel/metric v1.36.0 h1:MoWPKVhQvJ+eeXWHFBOPoBOi20jh6Iq2CcCREuTYufE=
+go.opentelemetry.io/otel/metric v1.36.0/go.mod h1:zC7Ks+yeyJt4xig9DEw9kuUFe5C3zLbVjV2PzT6qzbs=
+go.opentelemetry.io/otel/sdk v1.36.0 h1:b6SYIuLRs88ztox4EyrvRti80uXIFy+Sqzoh9kFULbs=
+go.opentelemetry.io/otel/sdk v1.36.0/go.mod h1:+lC+mTgD+MUWfjJubi2vvXWcVxyr9rmlshZni72pXeY=
+go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFwHX4dThiPis=
+go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4=
+go.opentelemetry.io/otel/trace v1.36.0 h1:ahxWNuqZjpdiFAyrIoQ4GIiAIhxAunQR6MUoKrsNd4w=
+go.opentelemetry.io/otel/trace v1.36.0/go.mod h1:gQ+OnDZzrybY4k4seLzPAWNwVBBVlF2szhehOBB/tGA=
go.opentelemetry.io/proto/otlp v1.5.0 h1:xJvq7gMzB31/d406fB8U5CBdyQGw4P399D1aQWU/3i4=
go.opentelemetry.io/proto/otlp v1.5.0/go.mod h1:keN8WnHxOy8PG0rQZjJJ5A2ebUoafqWp0eVQ4yIXvJ4=
-go.podman.io/common v0.65.1-0.20250925174758-4cf0ff781bfc h1:vLyukLe6FUCUxGDq9IN9WCpbzqHzMk8gQSuRh/z/pcs=
-go.podman.io/common v0.65.1-0.20250925174758-4cf0ff781bfc/go.mod h1:DyOdwtkwzYA8lE0TueJnxRju4Lmsrx6ZAC/ATAkYYck=
-go.podman.io/image/v5 v5.37.0 h1:yzgQybwuWIIeK63hu+mQqna/wOh96XD5cpVc6j8Dg5M=
-go.podman.io/image/v5 v5.37.0/go.mod h1:+s2Sx5dia/jVeT8tI3r2NAPrARMiDdbEq3QPIQogx3I=
-go.podman.io/storage v1.60.0 h1:bWNSrR58nxg39VNFDSx3m0AswbvyzPGOo5XsUfomTao=
-go.podman.io/storage v1.60.0/go.mod h1:NK+rsWJVuQeCM7ifv7cxD3abegWxwtW/3OkuSUJJoE4=
+go.podman.io/common v0.65.1-0.20251016133615-aa970d2c7532 h1:j83jJWTMND24j2fk0G+waJiKF3A/bMHcQxPkkJA9k4Q=
+go.podman.io/common v0.65.1-0.20251016133615-aa970d2c7532/go.mod h1:kv0yXx/yrT60lUcVb86hezMGz/lXmyx3epvdFlM9du4=
+go.podman.io/image/v5 v5.37.1-0.20251016133615-aa970d2c7532 h1:J7qB0n2DLY9hLCS9z3eubDuBrl6GOiz1iVMufhTRs3k=
+go.podman.io/image/v5 v5.37.1-0.20251016133615-aa970d2c7532/go.mod h1:rzI7vFUroTWKtAAVuYCoT2wy8LbcepZgEuhzzRzfui4=
+go.podman.io/storage v1.60.1-0.20251016133615-aa970d2c7532 h1:3+RVXZET/LnyhXdQnpIVvjuNs04Jz3IJtC9T++pwqpI=
+go.podman.io/storage v1.60.1-0.20251016133615-aa970d2c7532/go.mod h1:A3UBK0XypjNZ6pghRhuxg62+2NIm5lcUGv/7XyMhMUI=
go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
go.uber.org/automaxprocs v1.6.0/go.mod h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
go.yaml.in/yaml/v2 v2.4.2 h1:DzmwEr2rDGHl7lsFgAHxmNz/1NlQ7xLIrlN2h5d1eGI=
@@ -492,8 +492,8 @@ golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDf
golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
-golang.org/x/crypto v0.42.0 h1:chiH31gIWm57EkTXpwnqf8qeuMUi0yekh6mT2AvFlqI=
-golang.org/x/crypto v0.42.0/go.mod h1:4+rDnOTJhQCx2q7/j6rAN5XDw8kPjeaXEUR2eL94ix8=
+golang.org/x/crypto v0.43.0 h1:dduJYIi3A3KOfdGOHX8AVZ/jGiyPa3IbBozJ5kNuE04=
+golang.org/x/crypto v0.43.0/go.mod h1:BFbav4mRNlXJL4wNeejLpWxB7wMbc79PdRGhWKncxR0=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 h1:R84qjqJb5nVJMxqWYb3np9L5ZsaDtB+a39EqjV0JSUM=
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0/go.mod h1:S9Xr4PYopiDyqSyp5NjCrhFrqg6A5zA2E/iPHPhqnS8=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
@@ -504,8 +504,8 @@ golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
-golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
+golang.org/x/mod v0.28.0 h1:gQBtGhjxykdjY9YhZpSlZIsbnaE2+PgjfLWUQTnoZ1U=
+golang.org/x/mod v0.28.0/go.mod h1:yfB/L0NOf/kmEbXjzCPOx1iK1fRutOydrCMsqRhEBxI=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -520,8 +520,8 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/net v0.45.0 h1:RLBg5JKixCy82FtLJpeNlVM0nrSqpCRYzVU1n8kj0tM=
golang.org/x/net v0.45.0/go.mod h1:ECOoLqd5U3Lhyeyo/QDCEVQ4sNgYsqvCZ722XogGieY=
-golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI=
-golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU=
+golang.org/x/oauth2 v0.32.0 h1:jsCblLleRMDrxMN29H3z/k1KliIvpLgCkE6R8FXXNgY=
+golang.org/x/oauth2 v0.32.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -581,8 +581,8 @@ golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/text v0.29.0 h1:1neNs90w9YzJ9BocxfsQNHKuAT4pkghyXc4nhZ6sJvk=
-golang.org/x/text v0.29.0/go.mod h1:7MhJOA9CD2qZyOKYazxdYMF85OwPdEr9jTtBpO7ydH4=
+golang.org/x/text v0.30.0 h1:yznKA/E9zq54KzlzBEAWn1NXSQ8DIp/NYMy88xJjl4k=
+golang.org/x/text v0.30.0/go.mod h1:yDdHFIX9t+tORqspjENWgzaCVXgk0yYnYuSZ8UzzBVM=
golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
golang.org/x/time v0.11.0/go.mod h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -594,8 +594,8 @@ golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc
golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU=
golang.org/x/tools v0.13.0/go.mod h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
-golang.org/x/tools v0.36.0/go.mod h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
+golang.org/x/tools v0.37.0 h1:DVSRzp7FwePZW356yEAChSdNcQo6Nsp+fex1SUW09lE=
+golang.org/x/tools v0.37.0/go.mod h1:MBN5QPQtLMHVdvsbtarmTNukZDdgwdwlO5qGacAzF0w=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/libpod/container_internal_common.go b/libpod/container_internal_common.go
index bea0c37313..93a74b85cd 100644
--- a/libpod/container_internal_common.go
+++ b/libpod/container_internal_common.go
@@ -32,7 +32,6 @@ import (
"github.com/containers/podman/v5/pkg/annotations"
"github.com/containers/podman/v5/pkg/checkpoint/crutils"
"github.com/containers/podman/v5/pkg/criu"
- libartTypes "github.com/containers/podman/v5/pkg/libartifact/types"
"github.com/containers/podman/v5/pkg/lookup"
"github.com/containers/podman/v5/pkg/rootless"
"github.com/containers/podman/v5/pkg/util"
@@ -50,6 +49,7 @@ import (
"go.podman.io/common/pkg/apparmor"
"go.podman.io/common/pkg/chown"
"go.podman.io/common/pkg/config"
+ libartTypes "go.podman.io/common/pkg/libartifact/types"
"go.podman.io/common/pkg/subscriptions"
"go.podman.io/common/pkg/umask"
is "go.podman.io/image/v5/storage"
diff --git a/libpod/runtime.go b/libpod/runtime.go
index 5b0a977f30..72d8cd89fb 100644
--- a/libpod/runtime.go
+++ b/libpod/runtime.go
@@ -24,7 +24,6 @@ import (
"github.com/containers/podman/v5/libpod/shutdown"
"github.com/containers/podman/v5/pkg/domain/entities"
"github.com/containers/podman/v5/pkg/domain/entities/reports"
- artStore "github.com/containers/podman/v5/pkg/libartifact/store"
"github.com/containers/podman/v5/pkg/rootless"
"github.com/containers/podman/v5/pkg/systemd"
"github.com/containers/podman/v5/pkg/util"
@@ -38,6 +37,7 @@ import (
nettypes "go.podman.io/common/libnetwork/types"
"go.podman.io/common/pkg/cgroups"
"go.podman.io/common/pkg/config"
+ artStore "go.podman.io/common/pkg/libartifact/store"
"go.podman.io/common/pkg/secrets"
systemdCommon "go.podman.io/common/pkg/systemd"
"go.podman.io/image/v5/pkg/sysregistriesv2"
diff --git a/pkg/api/handlers/libpod/artifacts.go b/pkg/api/handlers/libpod/artifacts.go
index 4369134f4b..6622ba8820 100644
--- a/pkg/api/handlers/libpod/artifacts.go
+++ b/pkg/api/handlers/libpod/artifacts.go
@@ -14,9 +14,9 @@ import (
"github.com/containers/podman/v5/pkg/domain/entities"
"github.com/containers/podman/v5/pkg/domain/infra/abi"
domain_utils "github.com/containers/podman/v5/pkg/domain/utils"
- libartifact_types "github.com/containers/podman/v5/pkg/libartifact/types"
"github.com/docker/distribution/registry/api/errcode"
"github.com/gorilla/schema"
+ libartifact_types "go.podman.io/common/pkg/libartifact/types"
"go.podman.io/image/v5/oci/layout"
"go.podman.io/image/v5/types"
)
diff --git a/pkg/domain/entities/artifact.go b/pkg/domain/entities/artifact.go
index 3edbedda11..00521dc5ef 100644
--- a/pkg/domain/entities/artifact.go
+++ b/pkg/domain/entities/artifact.go
@@ -5,6 +5,7 @@ import (
encconfig "github.com/containers/ocicrypt/config"
entitiesTypes "github.com/containers/podman/v5/pkg/domain/entities/types"
+ libartifactTypes "go.podman.io/common/pkg/libartifact/types"
"go.podman.io/image/v5/types"
)
@@ -31,7 +32,7 @@ type ArtifactExtractOptions struct {
ExcludeTitle bool
}
-type ArtifactBlob = entitiesTypes.ArtifactBlob
+type ArtifactBlob = libartifactTypes.ArtifactBlob
type ArtifactInspectOptions struct {
// Note: Remote is not currently implemented but will be used for
diff --git a/pkg/domain/entities/types/artifacts.go b/pkg/domain/entities/types/artifacts.go
index 37d1e038f5..dd5a754412 100644
--- a/pkg/domain/entities/types/artifacts.go
+++ b/pkg/domain/entities/types/artifacts.go
@@ -1,10 +1,8 @@
package types
import (
- "io"
-
- "github.com/containers/podman/v5/pkg/libartifact"
"github.com/opencontainers/go-digest"
+ "go.podman.io/common/pkg/libartifact"
)
type ArtifactInspectReport struct {
@@ -12,12 +10,6 @@ type ArtifactInspectReport struct {
Digest string
}
-type ArtifactBlob struct {
- BlobReader io.Reader
- BlobFilePath string
- FileName string
-}
-
type ArtifactAddReport struct {
ArtifactDigest *digest.Digest
}
diff --git a/pkg/domain/infra/abi/artifact.go b/pkg/domain/infra/abi/artifact.go
index faa16d7ce4..0e1ccfefd2 100644
--- a/pkg/domain/infra/abi/artifact.go
+++ b/pkg/domain/infra/abi/artifact.go
@@ -11,10 +11,10 @@ import (
"time"
"github.com/containers/podman/v5/pkg/domain/entities"
- "github.com/containers/podman/v5/pkg/libartifact/types"
"github.com/opencontainers/go-digest"
"github.com/sirupsen/logrus"
"go.podman.io/common/libimage"
+ "go.podman.io/common/pkg/libartifact/types"
)
func (ir *ImageEngine) ArtifactInspect(ctx context.Context, name string, _ entities.ArtifactInspectOptions) (*entities.ArtifactInspectReport, error) {
diff --git a/test/e2e/common_test.go b/test/e2e/common_test.go
index 872f6bd780..04dbc51560 100644
--- a/test/e2e/common_test.go
+++ b/test/e2e/common_test.go
@@ -31,7 +31,6 @@ import (
"github.com/containers/podman/v5/libpod/define"
"github.com/containers/podman/v5/pkg/inspect"
- "github.com/containers/podman/v5/pkg/libartifact"
. "github.com/containers/podman/v5/test/utils"
"github.com/containers/podman/v5/utils"
jsoniter "github.com/json-iterator/go"
@@ -40,6 +39,7 @@ import (
. "github.com/onsi/gomega/gexec"
"github.com/sirupsen/logrus"
"go.podman.io/common/pkg/cgroups"
+ "go.podman.io/common/pkg/libartifact"
"go.podman.io/storage/pkg/ioutils"
"go.podman.io/storage/pkg/lockfile"
"go.podman.io/storage/pkg/reexec"
diff --git a/vendor/github.com/docker/docker/api/swagger.yaml b/vendor/github.com/docker/docker/api/swagger.yaml
index 1401fa7153..6ca2c2b086 100644
--- a/vendor/github.com/docker/docker/api/swagger.yaml
+++ b/vendor/github.com/docker/docker/api/swagger.yaml
@@ -81,7 +81,6 @@ info:
{
"username": "string",
"password": "string",
- "email": "string",
"serveraddress": "string"
}
```
@@ -637,6 +636,9 @@ definitions:
by the default (runc) runtime.
This field is omitted when empty.
+
+ **Deprecated**: This field is deprecated as kernel 6.12 has deprecated `memory.kmem.tcp.limit_in_bytes` field
+ for cgroups v1. This field will be removed in a future release.
type: "integer"
format: "int64"
MemoryReservation:
@@ -1531,37 +1533,6 @@ definitions:
items:
type: "string"
example: ["/bin/sh", "-c"]
- # FIXME(thaJeztah): temporarily using a full example to remove some "omitempty" fields. Remove once the fields are removed.
- example:
- "User": "web:web"
- "ExposedPorts": {
- "80/tcp": {},
- "443/tcp": {}
- }
- "Env": ["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"]
- "Cmd": ["/bin/sh"]
- "Healthcheck": {
- "Test": ["string"],
- "Interval": 0,
- "Timeout": 0,
- "Retries": 0,
- "StartPeriod": 0,
- "StartInterval": 0
- }
- "ArgsEscaped": true
- "Volumes": {
- "/app/data": {},
- "/app/config": {}
- }
- "WorkingDir": "/public/"
- "Entrypoint": []
- "OnBuild": []
- "Labels": {
- "com.example.some-label": "some-value",
- "com.example.some-other-label": "some-other-value"
- }
- "StopSignal": "SIGTERM"
- "Shell": ["/bin/sh", "-c"]
NetworkingConfig:
description: |
@@ -1967,6 +1938,11 @@ definitions:
Depending on how the image was created, this field may be empty and
is only set for images that were built/created locally. This field
is empty if the image was pulled from an image registry.
+
+ > **Deprecated**: This field is only set when using the deprecated
+ > legacy builder. It is included in API responses for informational
+ > purposes, but should not be depended on as it will be omitted
+ > once the legacy builder is removed.
type: "string"
x-nullable: false
example: ""
@@ -1992,6 +1968,11 @@ definitions:
The version of Docker that was used to build the image.
Depending on how the image was created, this field may be empty.
+
+ > **Deprecated**: This field is only set when using the deprecated
+ > legacy builder. It is included in API responses for informational
+ > purposes, but should not be depended on as it will be omitted
+ > once the legacy builder is removed.
type: "string"
x-nullable: false
example: "27.0.1"
@@ -2036,14 +2017,6 @@ definitions:
format: "int64"
x-nullable: false
example: 1239828
- VirtualSize:
- description: |
- Total size of the image including all layers it is composed of.
-
- Deprecated: this field is omitted in API v1.44, but kept for backward compatibility. Use Size instead.
- type: "integer"
- format: "int64"
- example: 1239828
GraphDriver:
$ref: "#/definitions/DriverData"
RootFS:
@@ -2176,14 +2149,6 @@ definitions:
format: "int64"
x-nullable: false
example: 1239828
- VirtualSize:
- description: |-
- Total size of the image including all layers it is composed of.
-
- Deprecated: this field is omitted in API v1.44, but kept for backward compatibility. Use Size instead.
- type: "integer"
- format: "int64"
- example: 172064416
Labels:
description: "User-defined key/value metadata."
type: "object"
@@ -3177,10 +3142,15 @@ definitions:
- Args
properties:
DockerVersion:
- description: "Docker Version used to create the plugin"
+ description: |-
+ Docker Version used to create the plugin.
+
+ Depending on how the plugin was created, this field may be empty or omitted.
+
+ Deprecated: this field is no longer set, and will be removed in the next API version.
type: "string"
x-nullable: false
- example: "17.06.0-ce"
+ x-omitempty: true
Description:
type: "string"
x-nullable: false
@@ -6382,6 +6352,8 @@ definitions:
Kernel memory TCP limits are not supported when using cgroups v2, which
does not support the corresponding `memory.kmem.tcp.limit_in_bytes` cgroup.
+
+ **Deprecated**: This field is deprecated as kernel 6.12 has deprecated kernel memory TCP accounting.
type: "boolean"
example: true
CpuCfsPeriod:
@@ -6419,29 +6391,6 @@ definitions:
description: "Indicates IPv4 forwarding is enabled."
type: "boolean"
example: true
- BridgeNfIptables:
- description: |
- Indicates if `bridge-nf-call-iptables` is available on the host when
- the daemon was started.
-
-
-
- > **Deprecated**: netfilter module is now loaded on-demand and no longer
- > during daemon startup, making this field obsolete. This field is always
- > `false` and will be removed in a API v1.49.
- type: "boolean"
- example: false
- BridgeNfIp6tables:
- description: |
- Indicates if `bridge-nf-call-ip6tables` is available on the host.
-
-
-
- > **Deprecated**: netfilter module is now loaded on-demand, and no longer
- > during daemon startup, making this field obsolete. This field is always
- > `false` and will be removed in a API v1.49.
- type: "boolean"
- example: false
Debug:
description: |
Indicates if the daemon is running in debug-mode / with debug-level
diff --git a/vendor/github.com/docker/docker/api/types/container/hostconfig.go b/vendor/github.com/docker/docker/api/types/container/hostconfig.go
index f63f049c7c..7a41436cc7 100644
--- a/vendor/github.com/docker/docker/api/types/container/hostconfig.go
+++ b/vendor/github.com/docker/docker/api/types/container/hostconfig.go
@@ -394,7 +394,12 @@ type Resources struct {
// KernelMemory specifies the kernel memory limit (in bytes) for the container.
// Deprecated: kernel 5.4 deprecated kmem.limit_in_bytes.
- KernelMemory int64 `json:",omitempty"`
+ KernelMemory int64 `json:",omitempty"`
+ // Hard limit for kernel TCP buffer memory (in bytes).
+ //
+ // Deprecated: This field is deprecated and will be removed in the next release.
+ // Starting with 6.12, the kernel has deprecated kernel memory tcp accounting
+ // for cgroups v1.
KernelMemoryTCP int64 `json:",omitempty"` // Hard limit for kernel TCP buffer memory (in bytes)
MemoryReservation int64 // Memory soft limit (in bytes)
MemorySwap int64 // Total memory usage (memory + swap); set `-1` to enable unlimited swap
diff --git a/vendor/github.com/docker/docker/api/types/image/image_inspect.go b/vendor/github.com/docker/docker/api/types/image/image_inspect.go
index 3bdb474287..1bec0b72b2 100644
--- a/vendor/github.com/docker/docker/api/types/image/image_inspect.go
+++ b/vendor/github.com/docker/docker/api/types/image/image_inspect.go
@@ -48,6 +48,8 @@ type InspectResponse struct {
// Depending on how the image was created, this field may be empty and
// is only set for images that were built/created locally. This field
// is empty if the image was pulled from an image registry.
+ //
+ // Deprecated: this field is deprecated, and will be removed in the next release.
Parent string
// Comment is an optional message that can be set when committing or
@@ -80,6 +82,8 @@ type InspectResponse struct {
// DockerVersion is the version of Docker that was used to build the image.
//
// Depending on how the image was created, this field may be empty.
+ //
+ // Deprecated: this field is deprecated, and will be removed in the next release.
DockerVersion string
// Author is the name of the author that was specified when committing the
diff --git a/vendor/github.com/docker/docker/api/types/plugin.go b/vendor/github.com/docker/docker/api/types/plugin.go
index abae48b9ab..a9eff28a04 100644
--- a/vendor/github.com/docker/docker/api/types/plugin.go
+++ b/vendor/github.com/docker/docker/api/types/plugin.go
@@ -42,7 +42,11 @@ type PluginConfig struct {
// Required: true
Description string `json:"Description"`
- // Docker Version used to create the plugin
+ // Docker Version used to create the plugin.
+ //
+ // Depending on how the plugin was created, this field may be empty or omitted.
+ //
+ // Deprecated: this field is no longer set, and will be removed in the next API version.
DockerVersion string `json:"DockerVersion,omitempty"`
// documentation
diff --git a/vendor/github.com/docker/docker/api/types/system/info.go b/vendor/github.com/docker/docker/api/types/system/info.go
index 047639ed91..0f39099d8a 100644
--- a/vendor/github.com/docker/docker/api/types/system/info.go
+++ b/vendor/github.com/docker/docker/api/types/system/info.go
@@ -9,19 +9,23 @@ import (
// Info contains response of Engine API:
// GET "/info"
type Info struct {
- ID string
- Containers int
- ContainersRunning int
- ContainersPaused int
- ContainersStopped int
- Images int
- Driver string
- DriverStatus [][2]string
- SystemStatus [][2]string `json:",omitempty"` // SystemStatus is only propagated by the Swarm standalone API
- Plugins PluginsInfo
- MemoryLimit bool
- SwapLimit bool
- KernelMemory bool `json:",omitempty"` // Deprecated: kernel 5.4 deprecated kmem.limit_in_bytes
+ ID string
+ Containers int
+ ContainersRunning int
+ ContainersPaused int
+ ContainersStopped int
+ Images int
+ Driver string
+ DriverStatus [][2]string
+ SystemStatus [][2]string `json:",omitempty"` // SystemStatus is only propagated by the Swarm standalone API
+ Plugins PluginsInfo
+ MemoryLimit bool
+ SwapLimit bool
+ KernelMemory bool `json:",omitempty"` // Deprecated: kernel 5.4 deprecated kmem.limit_in_bytes
+ // KernelMemoryLimit is not supported on cgroups v2.
+ //
+ // Deprecated: This field is deprecated and will be removed in the next release.
+ // Starting with kernel 6.12, the kernel has deprecated kernel memory tcp accounting
KernelMemoryTCP bool `json:",omitempty"` // KernelMemoryTCP is not supported on cgroups v2.
CPUCfsPeriod bool `json:"CpuCfsPeriod"`
CPUCfsQuota bool `json:"CpuCfsQuota"`
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/digest.go b/vendor/github.com/google/go-containerregistry/pkg/name/digest.go
index 28f6967ba7..5b8eb4ff46 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/digest.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/digest.go
@@ -17,6 +17,7 @@ package name
import (
// nolint: depguard
_ "crypto/sha256" // Recommended by go-digest.
+ "encoding"
"encoding/json"
"strings"
@@ -32,8 +33,11 @@ type Digest struct {
original string
}
-// Ensure Digest implements Reference
var _ Reference = (*Digest)(nil)
+var _ encoding.TextMarshaler = (*Digest)(nil)
+var _ encoding.TextUnmarshaler = (*Digest)(nil)
+var _ json.Marshaler = (*Digest)(nil)
+var _ json.Unmarshaler = (*Digest)(nil)
// Context implements Reference.
func (d Digest) Context() Repository {
@@ -79,6 +83,21 @@ func (d *Digest) UnmarshalJSON(data []byte) error {
return nil
}
+// MarshalText formats the digest into a string for text serialization.
+func (d Digest) MarshalText() ([]byte, error) {
+ return []byte(d.String()), nil
+}
+
+// UnmarshalText parses a text string into a Digest.
+func (d *Digest) UnmarshalText(data []byte) error {
+ n, err := NewDigest(string(data))
+ if err != nil {
+ return err
+ }
+ *d = n
+ return nil
+}
+
// NewDigest returns a new Digest representing the given name.
func NewDigest(name string, opts ...Option) (Digest, error) {
// Split on "@"
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/registry.go b/vendor/github.com/google/go-containerregistry/pkg/name/registry.go
index 5b0d01769c..5e6b6e62a0 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/registry.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/registry.go
@@ -15,6 +15,8 @@
package name
import (
+ "encoding"
+ "encoding/json"
"net"
"net/url"
"path"
@@ -37,6 +39,11 @@ type Registry struct {
registry string
}
+var _ encoding.TextMarshaler = (*Registry)(nil)
+var _ encoding.TextUnmarshaler = (*Registry)(nil)
+var _ json.Marshaler = (*Registry)(nil)
+var _ json.Unmarshaler = (*Registry)(nil)
+
// RegistryStr returns the registry component of the Registry.
func (r Registry) RegistryStr() string {
return r.registry
@@ -140,3 +147,33 @@ func NewInsecureRegistry(name string, opts ...Option) (Registry, error) {
opts = append(opts, Insecure)
return NewRegistry(name, opts...)
}
+
+// MarshalJSON formats the Registry into a string for JSON serialization.
+func (r Registry) MarshalJSON() ([]byte, error) { return json.Marshal(r.String()) }
+
+// UnmarshalJSON parses a JSON string into a Registry.
+func (r *Registry) UnmarshalJSON(data []byte) error {
+ var s string
+ if err := json.Unmarshal(data, &s); err != nil {
+ return err
+ }
+ n, err := NewRegistry(s)
+ if err != nil {
+ return err
+ }
+ *r = n
+ return nil
+}
+
+// MarshalText formats the registry into a string for text serialization.
+func (r Registry) MarshalText() ([]byte, error) { return []byte(r.String()), nil }
+
+// UnmarshalText parses a text string into a Registry.
+func (r *Registry) UnmarshalText(data []byte) error {
+ n, err := NewRegistry(string(data))
+ if err != nil {
+ return err
+ }
+ *r = n
+ return nil
+}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/repository.go b/vendor/github.com/google/go-containerregistry/pkg/name/repository.go
index 9250e36252..290797575e 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/repository.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/repository.go
@@ -15,6 +15,8 @@
package name
import (
+ "encoding"
+ "encoding/json"
"fmt"
"strings"
)
@@ -31,6 +33,11 @@ type Repository struct {
repository string
}
+var _ encoding.TextMarshaler = (*Repository)(nil)
+var _ encoding.TextUnmarshaler = (*Repository)(nil)
+var _ json.Marshaler = (*Repository)(nil)
+var _ json.Unmarshaler = (*Repository)(nil)
+
// See https://docs.docker.com/docker-hub/official_repos
func hasImplicitNamespace(repo string, reg Registry) bool {
return !strings.ContainsRune(repo, '/') && reg.RegistryStr() == DefaultRegistry
@@ -119,3 +126,33 @@ func (r Repository) Digest(identifier string) Digest {
d.original = d.Name()
return d
}
+
+// MarshalJSON formats the Repository into a string for JSON serialization.
+func (r Repository) MarshalJSON() ([]byte, error) { return json.Marshal(r.String()) }
+
+// UnmarshalJSON parses a JSON string into a Repository.
+func (r *Repository) UnmarshalJSON(data []byte) error {
+ var s string
+ if err := json.Unmarshal(data, &s); err != nil {
+ return err
+ }
+ n, err := NewRepository(s)
+ if err != nil {
+ return err
+ }
+ *r = n
+ return nil
+}
+
+// MarshalText formats the repository name into a string for text serialization.
+func (r Repository) MarshalText() ([]byte, error) { return []byte(r.String()), nil }
+
+// UnmarshalText parses a text string into a Repository.
+func (r *Repository) UnmarshalText(data []byte) error {
+ n, err := NewRepository(string(data))
+ if err != nil {
+ return err
+ }
+ *r = n
+ return nil
+}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/name/tag.go b/vendor/github.com/google/go-containerregistry/pkg/name/tag.go
index 66bd1bec3d..cfa923f59d 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/name/tag.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/name/tag.go
@@ -15,6 +15,8 @@
package name
import (
+ "encoding"
+ "encoding/json"
"strings"
)
@@ -31,8 +33,11 @@ type Tag struct {
original string
}
-// Ensure Tag implements Reference
var _ Reference = (*Tag)(nil)
+var _ encoding.TextMarshaler = (*Tag)(nil)
+var _ encoding.TextUnmarshaler = (*Tag)(nil)
+var _ json.Marshaler = (*Tag)(nil)
+var _ json.Unmarshaler = (*Tag)(nil)
// Context implements Reference.
func (t Tag) Context() Repository {
@@ -80,6 +85,9 @@ func NewTag(name string, opts ...Option) (Tag, error) {
if len(parts) > 1 && !strings.Contains(parts[len(parts)-1], regRepoDelimiter) {
base = strings.Join(parts[:len(parts)-1], tagDelim)
tag = parts[len(parts)-1]
+ if tag == "" {
+ return Tag{}, newErrBadName("%s must specify a tag name after the colon", name)
+ }
}
// We don't require a tag, but if we get one check it's valid,
@@ -106,3 +114,33 @@ func NewTag(name string, opts ...Option) (Tag, error) {
original: name,
}, nil
}
+
+// MarshalJSON formats the Tag into a string for JSON serialization.
+func (t Tag) MarshalJSON() ([]byte, error) { return json.Marshal(t.String()) }
+
+// UnmarshalJSON parses a JSON string into a Tag.
+func (t *Tag) UnmarshalJSON(data []byte) error {
+ var s string
+ if err := json.Unmarshal(data, &s); err != nil {
+ return err
+ }
+ n, err := NewTag(s)
+ if err != nil {
+ return err
+ }
+ *t = n
+ return nil
+}
+
+// MarshalText formats the tag into a string for text serialization.
+func (t Tag) MarshalText() ([]byte, error) { return []byte(t.String()), nil }
+
+// UnmarshalText parses a text string into a Tag.
+func (t *Tag) UnmarshalText(data []byte) error {
+ n, err := NewTag(string(data))
+ if err != nil {
+ return err
+ }
+ *t = n
+ return nil
+}
diff --git a/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go b/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go
index f78a5fa89e..d81593bd59 100644
--- a/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go
+++ b/vendor/github.com/google/go-containerregistry/pkg/v1/hash.go
@@ -16,12 +16,12 @@ package v1
import (
"crypto"
+ "encoding"
"encoding/hex"
"encoding/json"
"fmt"
"hash"
"io"
- "strconv"
"strings"
)
@@ -34,6 +34,11 @@ type Hash struct {
Hex string
}
+var _ encoding.TextMarshaler = (*Hash)(nil)
+var _ encoding.TextUnmarshaler = (*Hash)(nil)
+var _ json.Marshaler = (*Hash)(nil)
+var _ json.Unmarshaler = (*Hash)(nil)
+
// String reverses NewHash returning the string-form of the hash.
func (h Hash) String() string {
return fmt.Sprintf("%s:%s", h.Algorithm, h.Hex)
@@ -49,14 +54,12 @@ func NewHash(s string) (Hash, error) {
}
// MarshalJSON implements json.Marshaler
-func (h Hash) MarshalJSON() ([]byte, error) {
- return json.Marshal(h.String())
-}
+func (h Hash) MarshalJSON() ([]byte, error) { return json.Marshal(h.String()) }
// UnmarshalJSON implements json.Unmarshaler
func (h *Hash) UnmarshalJSON(data []byte) error {
- s, err := strconv.Unquote(string(data))
- if err != nil {
+ var s string
+ if err := json.Unmarshal(data, &s); err != nil {
return err
}
return h.parse(s)
@@ -64,15 +67,11 @@ func (h *Hash) UnmarshalJSON(data []byte) error {
// MarshalText implements encoding.TextMarshaler. This is required to use
// v1.Hash as a key in a map when marshalling JSON.
-func (h Hash) MarshalText() (text []byte, err error) {
- return []byte(h.String()), nil
-}
+func (h Hash) MarshalText() ([]byte, error) { return []byte(h.String()), nil }
// UnmarshalText implements encoding.TextUnmarshaler. This is required to use
// v1.Hash as a key in a map when unmarshalling JSON.
-func (h *Hash) UnmarshalText(text []byte) error {
- return h.parse(string(text))
-}
+func (h *Hash) UnmarshalText(text []byte) error { return h.parse(string(text)) }
// Hasher returns a hash.Hash for the named algorithm (e.g. "sha256")
func Hasher(name string) (hash.Hash, error) {
diff --git a/vendor/github.com/mistifyio/go-zfs/v3/utils.go b/vendor/github.com/mistifyio/go-zfs/v3/utils.go
index b69942b530..8e49be39ff 100644
--- a/vendor/github.com/mistifyio/go-zfs/v3/utils.go
+++ b/vendor/github.com/mistifyio/go-zfs/v3/utils.go
@@ -2,6 +2,7 @@ package zfs
import (
"bytes"
+ "context"
"errors"
"fmt"
"io"
@@ -10,10 +11,37 @@ import (
"runtime"
"strconv"
"strings"
+ "sync/atomic"
+ "syscall"
+ "time"
"github.com/google/uuid"
)
+// Runner specifies the parameters used when executing ZFS commands.
+type Runner struct {
+ // Timeout specifies how long to wait before sending a SIGTERM signal to the running process.
+ Timeout time.Duration
+
+ // Grace specifies the time waited after signaling the running process with SIGTERM before it is forcefully
+ // killed with SIGKILL.
+ Grace time.Duration
+}
+
+var defaultRunner atomic.Value
+
+func init() {
+ defaultRunner.Store(&Runner{})
+}
+
+func Default() *Runner {
+ return defaultRunner.Load().(*Runner) //nolint: forcetypeassert // Impossible for it to be anything else.
+}
+
+func SetRunner(runner *Runner) {
+ defaultRunner.Store(runner)
+}
+
type command struct {
Command string
Stdin io.Reader
@@ -21,7 +49,19 @@ type command struct {
}
func (c *command) Run(arg ...string) ([][]string, error) {
- cmd := exec.Command(c.Command, arg...)
+ var cmd *exec.Cmd
+ if Default().Timeout == 0 {
+ cmd = exec.Command(c.Command, arg...)
+ } else {
+ ctx, cancel := context.WithTimeout(context.Background(), Default().Timeout)
+ defer cancel()
+
+ cmd = exec.CommandContext(ctx, c.Command, arg...)
+ cmd.Cancel = func() error {
+ return cmd.Process.Signal(syscall.SIGTERM)
+ }
+ cmd.WaitDelay = Default().Grace
+ }
var stdout, stderr bytes.Buffer
diff --git a/vendor/github.com/skeema/knownhosts/README.md b/vendor/github.com/skeema/knownhosts/README.md
index 170e04d140..58b7fbe5bb 100644
--- a/vendor/github.com/skeema/knownhosts/README.md
+++ b/vendor/github.com/skeema/knownhosts/README.md
@@ -20,7 +20,6 @@ Package [github.com/skeema/knownhosts](https://github.com/skeema/knownhosts) pro
* Auto-populate ssh.ClientConfig.HostKeyAlgorithms easily based on known_hosts, providing a solution for [golang/go#29286](https://github.com/golang/go/issues/29286). (This also properly handles cert algorithms for hosts using CA keys when [using the NewDB constructor](#enhancements-requiring-extra-parsing) added in skeema/knownhosts v1.3.0.)
* Properly match wildcard hostname known_hosts entries regardless of port number, providing a solution for [golang/go#52056](https://github.com/golang/go/issues/52056). (Added in v1.3.0; requires [using the NewDB constructor](#enhancements-requiring-extra-parsing))
* Write new known_hosts entries to an io.Writer
-* Properly format/normalize new known_hosts entries containing ipv6 addresses, providing a solution for [golang/go#53463](https://github.com/golang/go/issues/53463)
* Easily determine if an ssh.HostKeyCallback's error corresponds to a host whose key has changed (indicating potential MitM attack) vs a host that just isn't known yet
## How host key lookup works
diff --git a/vendor/github.com/skeema/knownhosts/knownhosts.go b/vendor/github.com/skeema/knownhosts/knownhosts.go
index 2b7536e0da..4a8b6be09b 100644
--- a/vendor/github.com/skeema/knownhosts/knownhosts.go
+++ b/vendor/github.com/skeema/knownhosts/knownhosts.go
@@ -194,11 +194,9 @@ func (hkdb *HostKeyDB) HostKeys(hostWithPort string) (keys []PublicKey) {
// in the known_hosts file will properly be converted to the corresponding
// ssh.CertAlgo* values.
func (hkdb *HostKeyDB) HostKeyAlgorithms(hostWithPort string) (algos []string) {
- // We ensure that algos never contains duplicates. This is done for robustness
- // even though currently golang.org/x/crypto/ssh/knownhosts never exposes
- // multiple keys of the same type. This way our behavior here is unaffected
- // even if https://github.com/golang/go/issues/28870 is implemented, for
- // example by https://github.com/golang/crypto/pull/254.
+ // We ensure that the return value never contains duplicates. This is needed
+ // since golang.org/x/crypto/ssh/knownhosts can now return multiple keys of
+ // the same type after https://github.com/golang/crypto/pull/254 was merged.
hostKeys := hkdb.HostKeys(hostWithPort)
seen := make(map[string]struct{}, len(hostKeys))
addAlgo := func(typ string, cert bool) {
@@ -367,26 +365,23 @@ func IsHostUnknown(err error) bool {
}
// Normalize normalizes an address into the form used in known_hosts. This
-// implementation includes a fix for https://github.com/golang/go/issues/53463
-// and will omit brackets around ipv6 addresses on standard port 22.
+// implementation fixes the buggy IPv6 edge-cases found in golang.org/x/crypto
+// below v0.42.0; see https://github.com/golang/go/issues/53463. In all other
+// cases, this simply delegates to the upstream Normalize implementation.
func Normalize(address string) string {
- host, port, err := net.SplitHostPort(address)
- if err != nil {
- host = address
- port = "22"
+ // Although our go.mod specifies a new-enough golang.org/x/crypto to avoid
+ // the IPv6 bug, this logic will remain in-place for sake of robustness in
+ // non-go.mod use-cases (OS package managers, hacky forks like go-git's, etc)
+ result := xknownhosts.Normalize(address)
+ if strings.HasSuffix(result, "]") && strings.HasPrefix(result, "[") {
+ return result[1 : len(result)-1]
}
- entry := host
- if port != "22" {
- entry = "[" + entry + "]:" + port
- } else if strings.HasPrefix(host, "[") && strings.HasSuffix(host, "]") {
- entry = entry[1 : len(entry)-1]
- }
- return entry
+ return result
}
// Line returns a line to append to the known_hosts files. This implementation
// uses the local patched implementation of Normalize in order to solve
-// https://github.com/golang/go/issues/53463.
+// https://github.com/golang/go/issues/53463 when using x/crypto below v0.42.0.
func Line(addresses []string, key ssh.PublicKey) string {
var trimmed []string
for _, a := range addresses {
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go
index a01bfafbe0..6bd50d4c9b 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/config.go
@@ -176,6 +176,10 @@ func WithMessageEvents(events ...event) Option {
// WithSpanNameFormatter takes a function that will be called on every
// request and the returned string will become the Span Name.
+//
+// When using [http.ServeMux] (or any middleware that sets the Pattern of [http.Request]),
+// the span name formatter will run twice. Once when the span is created, and
+// second time after the middleware, so the pattern can be used.
func WithSpanNameFormatter(f func(operation string, r *http.Request) string) Option {
return optionFunc(func(c *config) {
c.SpanNameFormatter = f
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go
index 3ea05d0199..937f9b4e73 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/handler.go
@@ -98,7 +98,7 @@ func (h *middleware) serveHTTP(w http.ResponseWriter, r *http.Request, next http
ctx := h.propagators.Extract(r.Context(), propagation.HeaderCarrier(r.Header))
opts := []trace.SpanStartOption{
- trace.WithAttributes(h.semconv.RequestTraceAttrs(h.server, r)...),
+ trace.WithAttributes(h.semconv.RequestTraceAttrs(h.server, r, semconv.RequestTraceAttrsOpts{})...),
}
opts = append(opts, h.spanStartOptions...)
@@ -176,7 +176,12 @@ func (h *middleware) serveHTTP(w http.ResponseWriter, r *http.Request, next http
ctx = ContextWithLabeler(ctx, labeler)
}
- next.ServeHTTP(w, r.WithContext(ctx))
+ r = r.WithContext(ctx)
+ next.ServeHTTP(w, r)
+
+ if r.Pattern != "" {
+ span.SetName(h.spanNameFormatter(h.operation, r))
+ }
statusCode := rww.StatusCode()
bytesWritten := rww.BytesWritten()
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go
index 866aa21dce..d032aa841b 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/body_wrapper.go
@@ -1,9 +1,11 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/request/body_wrapper.go.tmpl
// Copyright The OpenTelemetry Authors
// SPDX-License-Identifier: Apache-2.0
+// Package request provides types and functionality to handle HTTP request
+// handling.
package request // import "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request"
import (
@@ -56,7 +58,7 @@ func (w *BodyWrapper) updateReadData(n int64, err error) {
}
}
-// Closes closes the io.ReadCloser.
+// Close closes the io.ReadCloser.
func (w *BodyWrapper) Close() error {
return w.ReadCloser.Close()
}
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go
index 73184e7d00..ca2e4c14c7 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request/resp_writer_wrapper.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/request/resp_writer_wrapper.go.tmpl
// Copyright The OpenTelemetry Authors
@@ -105,7 +105,7 @@ func (w *RespWriterWrapper) BytesWritten() int64 {
return w.written
}
-// BytesWritten returns the HTTP status code that was sent.
+// StatusCode returns the HTTP status code that was sent.
func (w *RespWriterWrapper) StatusCode() int {
w.mu.RLock()
defer w.mu.RUnlock()
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go
index 4693a01949..7cb9693d98 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/env.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/semconv/env.go.tmpl
// Copyright The OpenTelemetry Authors
@@ -20,7 +20,7 @@ import (
)
// OTelSemConvStabilityOptIn is an environment variable.
-// That can be set to "old" or "http/dup" to opt into the new HTTP semantic conventions.
+// That can be set to "http/dup" to keep getting the old HTTP semantic conventions.
const OTelSemConvStabilityOptIn = "OTEL_SEMCONV_STABILITY_OPT_IN"
type ResponseTelemetry struct {
@@ -61,19 +61,23 @@ type HTTPServer struct {
//
// If the primary server name is not known, server should be an empty string.
// The req Host will be used to determine the server instead.
-func (s HTTPServer) RequestTraceAttrs(server string, req *http.Request) []attribute.KeyValue {
+func (s HTTPServer) RequestTraceAttrs(server string, req *http.Request, opts RequestTraceAttrsOpts) []attribute.KeyValue {
+ attrs := CurrentHTTPServer{}.RequestTraceAttrs(server, req, opts)
if s.duplicate {
- return append(OldHTTPServer{}.RequestTraceAttrs(server, req), CurrentHTTPServer{}.RequestTraceAttrs(server, req)...)
+ return OldHTTPServer{}.RequestTraceAttrs(server, req, attrs)
}
- return OldHTTPServer{}.RequestTraceAttrs(server, req)
+ return attrs
}
func (s HTTPServer) NetworkTransportAttr(network string) []attribute.KeyValue {
if s.duplicate {
- return append([]attribute.KeyValue{OldHTTPServer{}.NetworkTransportAttr(network)}, CurrentHTTPServer{}.NetworkTransportAttr(network))
+ return []attribute.KeyValue{
+ OldHTTPServer{}.NetworkTransportAttr(network),
+ CurrentHTTPServer{}.NetworkTransportAttr(network),
+ }
}
return []attribute.KeyValue{
- OldHTTPServer{}.NetworkTransportAttr(network),
+ CurrentHTTPServer{}.NetworkTransportAttr(network),
}
}
@@ -81,15 +85,16 @@ func (s HTTPServer) NetworkTransportAttr(network string) []attribute.KeyValue {
//
// If any of the fields in the ResponseTelemetry are not set the attribute will be omitted.
func (s HTTPServer) ResponseTraceAttrs(resp ResponseTelemetry) []attribute.KeyValue {
+ attrs := CurrentHTTPServer{}.ResponseTraceAttrs(resp)
if s.duplicate {
- return append(OldHTTPServer{}.ResponseTraceAttrs(resp), CurrentHTTPServer{}.ResponseTraceAttrs(resp)...)
+ return OldHTTPServer{}.ResponseTraceAttrs(resp, attrs)
}
- return OldHTTPServer{}.ResponseTraceAttrs(resp)
+ return attrs
}
// Route returns the attribute for the route.
func (s HTTPServer) Route(route string) attribute.KeyValue {
- return OldHTTPServer{}.Route(route)
+ return CurrentHTTPServer{}.Route(route)
}
// Status returns a span status code and message for an HTTP status code
@@ -121,6 +126,8 @@ type MetricAttributes struct {
type MetricData struct {
RequestSize int64
+
+ // The request duration, in milliseconds
ElapsedTime float64
}
@@ -139,7 +146,19 @@ var (
)
func (s HTTPServer) RecordMetrics(ctx context.Context, md ServerMetricData) {
- if s.requestBytesCounter != nil && s.responseBytesCounter != nil && s.serverLatencyMeasure != nil {
+ if s.requestDurationHistogram != nil && s.requestBodySizeHistogram != nil && s.responseBodySizeHistogram != nil {
+ attributes := CurrentHTTPServer{}.MetricAttributes(md.ServerName, md.Req, md.StatusCode, md.AdditionalAttributes)
+ o := metric.WithAttributeSet(attribute.NewSet(attributes...))
+ recordOpts := metricRecordOptionPool.Get().(*[]metric.RecordOption)
+ *recordOpts = append(*recordOpts, o)
+ s.requestBodySizeHistogram.Record(ctx, md.RequestSize, *recordOpts...)
+ s.responseBodySizeHistogram.Record(ctx, md.ResponseSize, *recordOpts...)
+ s.requestDurationHistogram.Record(ctx, md.ElapsedTime/1000.0, o)
+ *recordOpts = (*recordOpts)[:0]
+ metricRecordOptionPool.Put(recordOpts)
+ }
+
+ if s.duplicate && s.requestBytesCounter != nil && s.responseBytesCounter != nil && s.serverLatencyMeasure != nil {
attributes := OldHTTPServer{}.MetricAttributes(md.ServerName, md.Req, md.StatusCode, md.AdditionalAttributes)
o := metric.WithAttributeSet(attribute.NewSet(attributes...))
addOpts := metricAddOptionPool.Get().(*[]metric.AddOption)
@@ -150,29 +169,28 @@ func (s HTTPServer) RecordMetrics(ctx context.Context, md ServerMetricData) {
*addOpts = (*addOpts)[:0]
metricAddOptionPool.Put(addOpts)
}
+}
- if s.duplicate && s.requestDurationHistogram != nil && s.requestBodySizeHistogram != nil && s.responseBodySizeHistogram != nil {
- attributes := CurrentHTTPServer{}.MetricAttributes(md.ServerName, md.Req, md.StatusCode, md.AdditionalAttributes)
- o := metric.WithAttributeSet(attribute.NewSet(attributes...))
- recordOpts := metricRecordOptionPool.Get().(*[]metric.RecordOption)
- *recordOpts = append(*recordOpts, o)
- s.requestBodySizeHistogram.Record(ctx, md.RequestSize, *recordOpts...)
- s.responseBodySizeHistogram.Record(ctx, md.ResponseSize, *recordOpts...)
- s.requestDurationHistogram.Record(ctx, md.ElapsedTime, o)
- *recordOpts = (*recordOpts)[:0]
- metricRecordOptionPool.Put(recordOpts)
+// hasOptIn returns true if the comma-separated version string contains the
+// exact optIn value.
+func hasOptIn(version, optIn string) bool {
+ for _, v := range strings.Split(version, ",") {
+ if strings.TrimSpace(v) == optIn {
+ return true
+ }
}
+ return false
}
func NewHTTPServer(meter metric.Meter) HTTPServer {
env := strings.ToLower(os.Getenv(OTelSemConvStabilityOptIn))
- duplicate := env == "http/dup"
+ duplicate := hasOptIn(env, "http/dup")
server := HTTPServer{
duplicate: duplicate,
}
- server.requestBytesCounter, server.responseBytesCounter, server.serverLatencyMeasure = OldHTTPServer{}.createMeasures(meter)
+ server.requestBodySizeHistogram, server.responseBodySizeHistogram, server.requestDurationHistogram = CurrentHTTPServer{}.createMeasures(meter)
if duplicate {
- server.requestBodySizeHistogram, server.responseBodySizeHistogram, server.requestDurationHistogram = CurrentHTTPServer{}.createMeasures(meter)
+ server.requestBytesCounter, server.responseBytesCounter, server.serverLatencyMeasure = OldHTTPServer{}.createMeasures(meter)
}
return server
}
@@ -192,13 +210,13 @@ type HTTPClient struct {
func NewHTTPClient(meter metric.Meter) HTTPClient {
env := strings.ToLower(os.Getenv(OTelSemConvStabilityOptIn))
- duplicate := env == "http/dup"
+ duplicate := hasOptIn(env, "http/dup")
client := HTTPClient{
duplicate: duplicate,
}
- client.requestBytesCounter, client.responseBytesCounter, client.latencyMeasure = OldHTTPClient{}.createMeasures(meter)
+ client.requestBodySize, client.requestDuration = CurrentHTTPClient{}.createMeasures(meter)
if duplicate {
- client.requestBodySize, client.requestDuration = CurrentHTTPClient{}.createMeasures(meter)
+ client.requestBytesCounter, client.responseBytesCounter, client.latencyMeasure = OldHTTPClient{}.createMeasures(meter)
}
return client
@@ -206,19 +224,20 @@ func NewHTTPClient(meter metric.Meter) HTTPClient {
// RequestTraceAttrs returns attributes for an HTTP request made by a client.
func (c HTTPClient) RequestTraceAttrs(req *http.Request) []attribute.KeyValue {
+ attrs := CurrentHTTPClient{}.RequestTraceAttrs(req)
if c.duplicate {
- return append(OldHTTPClient{}.RequestTraceAttrs(req), CurrentHTTPClient{}.RequestTraceAttrs(req)...)
+ return OldHTTPClient{}.RequestTraceAttrs(req, attrs)
}
- return OldHTTPClient{}.RequestTraceAttrs(req)
+ return attrs
}
// ResponseTraceAttrs returns metric attributes for an HTTP request made by a client.
func (c HTTPClient) ResponseTraceAttrs(resp *http.Response) []attribute.KeyValue {
+ attrs := CurrentHTTPClient{}.ResponseTraceAttrs(resp)
if c.duplicate {
- return append(OldHTTPClient{}.ResponseTraceAttrs(resp), CurrentHTTPClient{}.ResponseTraceAttrs(resp)...)
+ return OldHTTPClient{}.ResponseTraceAttrs(resp, attrs)
}
-
- return OldHTTPClient{}.ResponseTraceAttrs(resp)
+ return attrs
}
func (c HTTPClient) Status(code int) (codes.Code, string) {
@@ -232,11 +251,7 @@ func (c HTTPClient) Status(code int) (codes.Code, string) {
}
func (c HTTPClient) ErrorType(err error) attribute.KeyValue {
- if c.duplicate {
- return CurrentHTTPClient{}.ErrorType(err)
- }
-
- return attribute.KeyValue{}
+ return CurrentHTTPClient{}.ErrorType(err)
}
type MetricOpts struct {
@@ -255,17 +270,17 @@ func (o MetricOpts) AddOptions() metric.AddOption {
func (c HTTPClient) MetricOptions(ma MetricAttributes) map[string]MetricOpts {
opts := map[string]MetricOpts{}
- attributes := OldHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
+ attributes := CurrentHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
set := metric.WithAttributeSet(attribute.NewSet(attributes...))
- opts["old"] = MetricOpts{
+ opts["new"] = MetricOpts{
measurement: set,
addOptions: set,
}
if c.duplicate {
- attributes := CurrentHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
+ attributes := OldHTTPClient{}.MetricAttributes(ma.Req, ma.StatusCode, ma.AdditionalAttributes)
set := metric.WithAttributeSet(attribute.NewSet(attributes...))
- opts["new"] = MetricOpts{
+ opts["old"] = MetricOpts{
measurement: set,
addOptions: set,
}
@@ -275,17 +290,17 @@ func (c HTTPClient) MetricOptions(ma MetricAttributes) map[string]MetricOpts {
}
func (s HTTPClient) RecordMetrics(ctx context.Context, md MetricData, opts map[string]MetricOpts) {
- if s.requestBytesCounter == nil || s.latencyMeasure == nil {
+ if s.requestBodySize == nil || s.requestDuration == nil {
// This will happen if an HTTPClient{} is used instead of NewHTTPClient().
return
}
- s.requestBytesCounter.Add(ctx, md.RequestSize, opts["old"].AddOptions())
- s.latencyMeasure.Record(ctx, md.ElapsedTime, opts["old"].MeasurementOption())
+ s.requestBodySize.Record(ctx, md.RequestSize, opts["new"].MeasurementOption())
+ s.requestDuration.Record(ctx, md.ElapsedTime/1000, opts["new"].MeasurementOption())
if s.duplicate {
- s.requestBodySize.Record(ctx, md.RequestSize, opts["new"].MeasurementOption())
- s.requestDuration.Record(ctx, md.ElapsedTime, opts["new"].MeasurementOption())
+ s.requestBytesCounter.Add(ctx, md.RequestSize, opts["old"].AddOptions())
+ s.latencyMeasure.Record(ctx, md.ElapsedTime, opts["old"].MeasurementOption())
}
}
@@ -299,9 +314,10 @@ func (s HTTPClient) RecordResponseSize(ctx context.Context, responseData int64,
}
func (s HTTPClient) TraceAttributes(host string) []attribute.KeyValue {
+ attrs := CurrentHTTPClient{}.TraceAttributes(host)
if s.duplicate {
- return append(OldHTTPClient{}.TraceAttributes(host), CurrentHTTPClient{}.TraceAttributes(host)...)
+ return OldHTTPClient{}.TraceAttributes(host, attrs)
}
- return OldHTTPClient{}.TraceAttributes(host)
+ return attrs
}
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go
index 8b85eff90a..53976b0d5a 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/httpconv.go
@@ -1,9 +1,11 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/semconv/httpconv.go.tmpl
// Copyright The OpenTelemetry Authors
// SPDX-License-Identifier: Apache-2.0
+// Package semconv provides OpenTelemetry semantic convention types and
+// functionality.
package semconv // import "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv"
import (
@@ -20,9 +22,14 @@ import (
semconvNew "go.opentelemetry.io/otel/semconv/v1.26.0"
)
+type RequestTraceAttrsOpts struct {
+ // If set, this is used as value for the "http.client_ip" attribute.
+ HTTPClientIP string
+}
+
type CurrentHTTPServer struct{}
-// TraceRequest returns trace attributes for an HTTP request received by a
+// RequestTraceAttrs returns trace attributes for an HTTP request received by a
// server.
//
// The server must be the primary server name if it is known. For example this
@@ -38,7 +45,7 @@ type CurrentHTTPServer struct{}
//
// If the primary server name is not known, server should be an empty string.
// The req Host will be used to determine the server instead.
-func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) []attribute.KeyValue {
+func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request, opts RequestTraceAttrsOpts) []attribute.KeyValue {
count := 3 // ServerAddress, Method, Scheme
var host string
@@ -65,7 +72,8 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
scheme := n.scheme(req.TLS != nil)
- if peer, peerPort := SplitHostPort(req.RemoteAddr); peer != "" {
+ peer, peerPort := SplitHostPort(req.RemoteAddr)
+ if peer != "" {
// The Go HTTP server sets RemoteAddr to "IP:port", this will not be a
// file-path that would be interpreted with a sock family.
count++
@@ -79,7 +87,17 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
count++
}
- clientIP := serverClientIP(req.Header.Get("X-Forwarded-For"))
+ // For client IP, use, in order:
+ // 1. The value passed in the options
+ // 2. The value in the X-Forwarded-For header
+ // 3. The peer address
+ clientIP := opts.HTTPClientIP
+ if clientIP == "" {
+ clientIP = serverClientIP(req.Header.Get("X-Forwarded-For"))
+ if clientIP == "" {
+ clientIP = peer
+ }
+ }
if clientIP != "" {
count++
}
@@ -96,6 +114,11 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
count++
}
+ route := httpRoute(req.Pattern)
+ if route != "" {
+ count++
+ }
+
attrs := make([]attribute.KeyValue, 0, count)
attrs = append(attrs,
semconvNew.ServerAddress(host),
@@ -119,7 +142,7 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
}
}
- if useragent := req.UserAgent(); useragent != "" {
+ if useragent != "" {
attrs = append(attrs, semconvNew.UserAgentOriginal(useragent))
}
@@ -138,10 +161,14 @@ func (n CurrentHTTPServer) RequestTraceAttrs(server string, req *http.Request) [
attrs = append(attrs, semconvNew.NetworkProtocolVersion(protoVersion))
}
+ if route != "" {
+ attrs = append(attrs, n.Route(route))
+ }
+
return attrs
}
-func (o CurrentHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
+func (n CurrentHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
switch network {
case "tcp", "tcp4", "tcp6":
return semconvNew.NetworkTransportTCP
@@ -176,9 +203,11 @@ func (n CurrentHTTPServer) scheme(https bool) attribute.KeyValue { // nolint:rev
return semconvNew.URLScheme("http")
}
-// TraceResponse returns trace attributes for telemetry from an HTTP response.
+// ResponseTraceAttrs returns trace attributes for telemetry from an HTTP
+// response.
//
-// If any of the fields in the ResponseTelemetry are not set the attribute will be omitted.
+// If any of the fields in the ResponseTelemetry are not set the attribute will
+// be omitted.
func (n CurrentHTTPServer) ResponseTraceAttrs(resp ResponseTelemetry) []attribute.KeyValue {
var count int
@@ -241,6 +270,7 @@ func (n CurrentHTTPServer) createMeasures(meter metric.Meter) (metric.Int64Histo
semconvNew.HTTPServerRequestDurationName,
metric.WithUnit(semconvNew.HTTPServerRequestDurationUnit),
metric.WithDescription(semconvNew.HTTPServerRequestDurationDescription),
+ metric.WithExplicitBucketBoundaries(0.005, 0.01, 0.025, 0.05, 0.075, 0.1, 0.25, 0.5, 0.75, 1, 2.5, 5, 7.5, 10),
)
handleErr(err)
@@ -459,6 +489,7 @@ func (n CurrentHTTPClient) createMeasures(meter metric.Meter) (metric.Int64Histo
semconvNew.HTTPClientRequestDurationName,
metric.WithUnit(semconvNew.HTTPClientRequestDurationUnit),
metric.WithDescription(semconvNew.HTTPClientRequestDurationDescription),
+ metric.WithExplicitBucketBoundaries(0.005, 0.01, 0.025, 0.05, 0.075, 0.1, 0.25, 0.5, 0.75, 1, 2.5, 5, 7.5, 10),
)
handleErr(err)
@@ -501,7 +532,7 @@ func (n CurrentHTTPClient) MetricAttributes(req *http.Request, statusCode int, a
attributes = append(attributes,
semconvNew.HTTPRequestMethodKey.String(standardizeHTTPMethod(req.Method)),
semconvNew.ServerAddress(requestHost),
- n.scheme(req.TLS != nil),
+ n.scheme(req),
)
if port > 0 {
@@ -520,15 +551,18 @@ func (n CurrentHTTPClient) MetricAttributes(req *http.Request, statusCode int, a
return attributes
}
-// Attributes for httptrace.
+// TraceAttributes returns attributes for httptrace.
func (n CurrentHTTPClient) TraceAttributes(host string) []attribute.KeyValue {
return []attribute.KeyValue{
semconvNew.ServerAddress(host),
}
}
-func (n CurrentHTTPClient) scheme(https bool) attribute.KeyValue { // nolint:revive
- if https {
+func (n CurrentHTTPClient) scheme(req *http.Request) attribute.KeyValue {
+ if req.URL != nil && req.URL.Scheme != "" {
+ return semconvNew.URLScheme(req.URL.Scheme)
+ }
+ if req.TLS != nil {
return semconvNew.URLScheme("https")
}
return semconvNew.URLScheme("http")
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go
index 315d3dd29c..bc1f7751db 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/util.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/semconv/util.go.tmpl
// Copyright The OpenTelemetry Authors
@@ -28,17 +28,17 @@ func SplitHostPort(hostport string) (host string, port int) {
port = -1
if strings.HasPrefix(hostport, "[") {
- addrEnd := strings.LastIndex(hostport, "]")
+ addrEnd := strings.LastIndexByte(hostport, ']')
if addrEnd < 0 {
// Invalid hostport.
return
}
- if i := strings.LastIndex(hostport[addrEnd:], ":"); i < 0 {
+ if i := strings.LastIndexByte(hostport[addrEnd:], ':'); i < 0 {
host = hostport[1:addrEnd]
return
}
} else {
- if i := strings.LastIndex(hostport, ":"); i < 0 {
+ if i := strings.LastIndexByte(hostport, ':'); i < 0 {
host = hostport
return
}
@@ -70,12 +70,19 @@ func requiredHTTPPort(https bool, port int) int { // nolint:revive
}
func serverClientIP(xForwardedFor string) string {
- if idx := strings.Index(xForwardedFor, ","); idx >= 0 {
+ if idx := strings.IndexByte(xForwardedFor, ','); idx >= 0 {
xForwardedFor = xForwardedFor[:idx]
}
return xForwardedFor
}
+func httpRoute(pattern string) string {
+ if idx := strings.IndexByte(pattern, '/'); idx >= 0 {
+ return pattern[idx:]
+ }
+ return ""
+}
+
func netProtocol(proto string) (name string, version string) {
name, version, _ = strings.Cut(proto, "/")
switch name {
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go
index 742c2113e1..ba7fccf1ef 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv/v1.20.0.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/semconv/v120.0.go.tmpl
// Copyright The OpenTelemetry Authors
@@ -37,8 +37,8 @@ type OldHTTPServer struct{}
//
// If the primary server name is not known, server should be an empty string.
// The req Host will be used to determine the server instead.
-func (o OldHTTPServer) RequestTraceAttrs(server string, req *http.Request) []attribute.KeyValue {
- return semconvutil.HTTPServerRequest(server, req)
+func (o OldHTTPServer) RequestTraceAttrs(server string, req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
+ return semconvutil.HTTPServerRequest(server, req, semconvutil.HTTPServerRequestOptions{}, attrs)
}
func (o OldHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
@@ -48,9 +48,7 @@ func (o OldHTTPServer) NetworkTransportAttr(network string) attribute.KeyValue {
// ResponseTraceAttrs returns trace attributes for telemetry from an HTTP response.
//
// If any of the fields in the ResponseTelemetry are not set the attribute will be omitted.
-func (o OldHTTPServer) ResponseTraceAttrs(resp ResponseTelemetry) []attribute.KeyValue {
- attributes := []attribute.KeyValue{}
-
+func (o OldHTTPServer) ResponseTraceAttrs(resp ResponseTelemetry, attributes []attribute.KeyValue) []attribute.KeyValue {
if resp.ReadBytes > 0 {
attributes = append(attributes, semconv.HTTPRequestContentLength(int(resp.ReadBytes)))
}
@@ -179,12 +177,12 @@ func (o OldHTTPServer) scheme(https bool) attribute.KeyValue { // nolint:revive
type OldHTTPClient struct{}
-func (o OldHTTPClient) RequestTraceAttrs(req *http.Request) []attribute.KeyValue {
- return semconvutil.HTTPClientRequest(req)
+func (o OldHTTPClient) RequestTraceAttrs(req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
+ return semconvutil.HTTPClientRequest(req, attrs)
}
-func (o OldHTTPClient) ResponseTraceAttrs(resp *http.Response) []attribute.KeyValue {
- return semconvutil.HTTPClientResponse(resp)
+func (o OldHTTPClient) ResponseTraceAttrs(resp *http.Response, attrs []attribute.KeyValue) []attribute.KeyValue {
+ return semconvutil.HTTPClientResponse(resp, attrs)
}
func (o OldHTTPClient) MetricAttributes(req *http.Request, statusCode int, additionalAttributes []attribute.KeyValue) []attribute.KeyValue {
@@ -269,9 +267,7 @@ func (o OldHTTPClient) createMeasures(meter metric.Meter) (metric.Int64Counter,
return requestBytesCounter, responseBytesCounter, latencyMeasure
}
-// Attributes for httptrace.
-func (c OldHTTPClient) TraceAttributes(host string) []attribute.KeyValue {
- return []attribute.KeyValue{
- semconv.NetHostName(host),
- }
+// TraceAttributes returns attributes for httptrace.
+func (c OldHTTPClient) TraceAttributes(host string, attrs []attribute.KeyValue) []attribute.KeyValue {
+ return append(attrs, semconv.NetHostName(host))
}
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go
index a73bb06e90..b997354793 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/httpconv.go
@@ -1,14 +1,16 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/semconvutil/httpconv.go.tmpl
// Copyright The OpenTelemetry Authors
// SPDX-License-Identifier: Apache-2.0
+// Package semconvutil provides OpenTelemetry semantic convention utilities.
package semconvutil // import "go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil"
import (
"fmt"
"net/http"
+ "slices"
"strings"
"go.opentelemetry.io/otel/attribute"
@@ -16,6 +18,11 @@ import (
semconv "go.opentelemetry.io/otel/semconv/v1.20.0"
)
+type HTTPServerRequestOptions struct {
+ // If set, this is used as value for the "http.client_ip" attribute.
+ HTTPClientIP string
+}
+
// HTTPClientResponse returns trace attributes for an HTTP response received by a
// client from a server. It will return the following attributes if the related
// values are defined in resp: "http.status.code",
@@ -26,9 +33,9 @@ import (
// attributes. If a complete set of attributes can be generated using the
// request contained in resp. For example:
//
-// append(HTTPClientResponse(resp), ClientRequest(resp.Request)...)
-func HTTPClientResponse(resp *http.Response) []attribute.KeyValue {
- return hc.ClientResponse(resp)
+// HTTPClientResponse(resp, ClientRequest(resp.Request)))
+func HTTPClientResponse(resp *http.Response, attrs []attribute.KeyValue) []attribute.KeyValue {
+ return hc.ClientResponse(resp, attrs)
}
// HTTPClientRequest returns trace attributes for an HTTP request made by a client.
@@ -36,8 +43,8 @@ func HTTPClientResponse(resp *http.Response) []attribute.KeyValue {
// "net.peer.name". The following attributes are returned if the related values
// are defined in req: "net.peer.port", "user_agent.original",
// "http.request_content_length".
-func HTTPClientRequest(req *http.Request) []attribute.KeyValue {
- return hc.ClientRequest(req)
+func HTTPClientRequest(req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
+ return hc.ClientRequest(req, attrs)
}
// HTTPClientRequestMetrics returns metric attributes for an HTTP request made by a client.
@@ -75,8 +82,8 @@ func HTTPClientStatus(code int) (codes.Code, string) {
// "http.target", "net.host.name". The following attributes are returned if
// they related values are defined in req: "net.host.port", "net.sock.peer.addr",
// "net.sock.peer.port", "user_agent.original", "http.client_ip".
-func HTTPServerRequest(server string, req *http.Request) []attribute.KeyValue {
- return hc.ServerRequest(server, req)
+func HTTPServerRequest(server string, req *http.Request, opts HTTPServerRequestOptions, attrs []attribute.KeyValue) []attribute.KeyValue {
+ return hc.ServerRequest(server, req, opts, attrs)
}
// HTTPServerRequestMetrics returns metric attributes for an HTTP request received by a
@@ -153,8 +160,8 @@ var hc = &httpConv{
// attributes. If a complete set of attributes can be generated using the
// request contained in resp. For example:
//
-// append(ClientResponse(resp), ClientRequest(resp.Request)...)
-func (c *httpConv) ClientResponse(resp *http.Response) []attribute.KeyValue {
+// ClientResponse(resp, ClientRequest(resp.Request))
+func (c *httpConv) ClientResponse(resp *http.Response, attrs []attribute.KeyValue) []attribute.KeyValue {
/* The following semantic conventions are returned if present:
http.status_code int
http.response_content_length int
@@ -166,8 +173,11 @@ func (c *httpConv) ClientResponse(resp *http.Response) []attribute.KeyValue {
if resp.ContentLength > 0 {
n++
}
+ if n == 0 {
+ return attrs
+ }
- attrs := make([]attribute.KeyValue, 0, n)
+ attrs = slices.Grow(attrs, n)
if resp.StatusCode > 0 {
attrs = append(attrs, c.HTTPStatusCodeKey.Int(resp.StatusCode))
}
@@ -182,7 +192,7 @@ func (c *httpConv) ClientResponse(resp *http.Response) []attribute.KeyValue {
// "net.peer.name". The following attributes are returned if the related values
// are defined in req: "net.peer.port", "user_agent.original",
// "http.request_content_length", "user_agent.original".
-func (c *httpConv) ClientRequest(req *http.Request) []attribute.KeyValue {
+func (c *httpConv) ClientRequest(req *http.Request, attrs []attribute.KeyValue) []attribute.KeyValue {
/* The following semantic conventions are returned if present:
http.method string
user_agent.original string
@@ -221,8 +231,7 @@ func (c *httpConv) ClientRequest(req *http.Request) []attribute.KeyValue {
n++
}
- attrs := make([]attribute.KeyValue, 0, n)
-
+ attrs = slices.Grow(attrs, n)
attrs = append(attrs, c.method(req.Method))
var u string
@@ -305,7 +314,7 @@ func (c *httpConv) ClientRequestMetrics(req *http.Request) []attribute.KeyValue
// related values are defined in req: "net.host.port", "net.sock.peer.addr",
// "net.sock.peer.port", "user_agent.original", "http.client_ip",
// "net.protocol.name", "net.protocol.version".
-func (c *httpConv) ServerRequest(server string, req *http.Request) []attribute.KeyValue {
+func (c *httpConv) ServerRequest(server string, req *http.Request, opts HTTPServerRequestOptions, attrs []attribute.KeyValue) []attribute.KeyValue {
/* The following semantic conventions are returned if present:
http.method string
http.scheme string
@@ -358,7 +367,17 @@ func (c *httpConv) ServerRequest(server string, req *http.Request) []attribute.K
n++
}
- clientIP := serverClientIP(req.Header.Get("X-Forwarded-For"))
+ // For client IP, use, in order:
+ // 1. The value passed in the options
+ // 2. The value in the X-Forwarded-For header
+ // 3. The peer address
+ clientIP := opts.HTTPClientIP
+ if clientIP == "" {
+ clientIP = serverClientIP(req.Header.Get("X-Forwarded-For"))
+ if clientIP == "" {
+ clientIP = peer
+ }
+ }
if clientIP != "" {
n++
}
@@ -378,7 +397,7 @@ func (c *httpConv) ServerRequest(server string, req *http.Request) []attribute.K
n++
}
- attrs := make([]attribute.KeyValue, 0, n)
+ attrs = slices.Grow(attrs, n)
attrs = append(attrs, c.method(req.Method))
attrs = append(attrs, c.scheme(req.TLS != nil))
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go
index de74fa252a..df97255e41 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil/netconv.go
@@ -1,4 +1,4 @@
-// Code created by gotmpl. DO NOT MODIFY.
+// Code generated by gotmpl. DO NOT MODIFY.
// source: internal/shared/semconvutil/netconv.go.tmpl
// Copyright The OpenTelemetry Authors
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go
index ea504e396f..d62ce44b00 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/labeler.go
@@ -35,14 +35,14 @@ func (l *Labeler) Get() []attribute.KeyValue {
type labelerContextKeyType int
-const lablelerContextKey labelerContextKeyType = 0
+const labelerContextKey labelerContextKeyType = 0
// ContextWithLabeler returns a new context with the provided Labeler instance.
// Attributes added to the specified labeler will be injected into metrics
// emitted by the instrumentation. Only one labeller can be injected into the
// context. Injecting it multiple times will override the previous calls.
func ContextWithLabeler(parent context.Context, l *Labeler) context.Context {
- return context.WithValue(parent, lablelerContextKey, l)
+ return context.WithValue(parent, labelerContextKey, l)
}
// LabelerFromContext retrieves a Labeler instance from the provided context if
@@ -50,7 +50,7 @@ func ContextWithLabeler(parent context.Context, l *Labeler) context.Context {
// Labeler is returned and the second return value is false. In this case it is
// safe to use the Labeler but any attributes added to it will not be used.
func LabelerFromContext(ctx context.Context) (*Labeler, bool) {
- l, ok := ctx.Value(lablelerContextKey).(*Labeler)
+ l, ok := ctx.Value(labelerContextKey).(*Labeler)
if !ok {
l = &Labeler{}
}
diff --git a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go
index 1ec9a00c7a..6be4c1fde2 100644
--- a/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go
+++ b/vendor/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/version.go
@@ -5,13 +5,6 @@ package otelhttp // import "go.opentelemetry.io/contrib/instrumentation/net/http
// Version is the current release version of the otelhttp instrumentation.
func Version() string {
- return "0.60.0"
+ return "0.61.0"
// This string is updated by the pre_release.sh script during release
}
-
-// SemVersion is the semantic version to be supplied to tracer/meter creation.
-//
-// Deprecated: Use [Version] instead.
-func SemVersion() string {
- return Version()
-}
diff --git a/vendor/go.opentelemetry.io/otel/.golangci.yml b/vendor/go.opentelemetry.io/otel/.golangci.yml
index c58e48ab0c..888e5da802 100644
--- a/vendor/go.opentelemetry.io/otel/.golangci.yml
+++ b/vendor/go.opentelemetry.io/otel/.golangci.yml
@@ -1,13 +1,9 @@
-# See https://github.com/golangci/golangci-lint#config-file
+version: "2"
run:
- issues-exit-code: 1 #Default
- tests: true #Default
-
+ issues-exit-code: 1
+ tests: true
linters:
- # Disable everything by default so upgrades to not include new "default
- # enabled" linters.
- disable-all: true
- # Specifically enable linters we want to use.
+ default: none
enable:
- asasalint
- bodyclose
@@ -15,10 +11,7 @@ linters:
- errcheck
- errorlint
- godot
- - gofumpt
- - goimports
- gosec
- - gosimple
- govet
- ineffassign
- misspell
@@ -26,227 +19,230 @@ linters:
- revive
- staticcheck
- testifylint
- - typecheck
- unconvert
- - unused
- unparam
+ - unused
- usestdlibvars
- usetesting
-
+ settings:
+ depguard:
+ rules:
+ auto/sdk:
+ files:
+ - '!internal/global/trace.go'
+ - ~internal/global/trace_test.go
+ deny:
+ - pkg: go.opentelemetry.io/auto/sdk
+ desc: Do not use SDK from automatic instrumentation.
+ non-tests:
+ files:
+ - '!$test'
+ - '!**/*test/*.go'
+ - '!**/internal/matchers/*.go'
+ deny:
+ - pkg: testing
+ - pkg: github.com/stretchr/testify
+ - pkg: crypto/md5
+ - pkg: crypto/sha1
+ - pkg: crypto/**/pkix
+ otel-internal:
+ files:
+ - '**/sdk/*.go'
+ - '**/sdk/**/*.go'
+ - '**/exporters/*.go'
+ - '**/exporters/**/*.go'
+ - '**/schema/*.go'
+ - '**/schema/**/*.go'
+ - '**/metric/*.go'
+ - '**/metric/**/*.go'
+ - '**/bridge/*.go'
+ - '**/bridge/**/*.go'
+ - '**/trace/*.go'
+ - '**/trace/**/*.go'
+ - '**/log/*.go'
+ - '**/log/**/*.go'
+ deny:
+ - pkg: go.opentelemetry.io/otel/internal$
+ desc: Do not use cross-module internal packages.
+ - pkg: go.opentelemetry.io/otel/internal/internaltest
+ desc: Do not use cross-module internal packages.
+ - pkg: go.opentelemetry.io/otel/internal/matchers
+ desc: Do not use cross-module internal packages.
+ otlp-internal:
+ files:
+ - '!**/exporters/otlp/internal/**/*.go'
+ deny:
+ - pkg: go.opentelemetry.io/otel/exporters/otlp/internal
+ desc: Do not use cross-module internal packages.
+ otlpmetric-internal:
+ files:
+ - '!**/exporters/otlp/otlpmetric/internal/*.go'
+ - '!**/exporters/otlp/otlpmetric/internal/**/*.go'
+ deny:
+ - pkg: go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal
+ desc: Do not use cross-module internal packages.
+ otlptrace-internal:
+ files:
+ - '!**/exporters/otlp/otlptrace/*.go'
+ - '!**/exporters/otlp/otlptrace/internal/**.go'
+ deny:
+ - pkg: go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal
+ desc: Do not use cross-module internal packages.
+ godot:
+ exclude:
+ # Exclude links.
+ - '^ *\[[^]]+\]:'
+ # Exclude sentence fragments for lists.
+ - ^[ ]*[-•]
+ # Exclude sentences prefixing a list.
+ - :$
+ misspell:
+ locale: US
+ ignore-rules:
+ - cancelled
+ perfsprint:
+ int-conversion: true
+ err-error: true
+ errorf: true
+ sprintf1: true
+ strconcat: true
+ revive:
+ confidence: 0.01
+ rules:
+ - name: blank-imports
+ - name: bool-literal-in-expr
+ - name: constant-logical-expr
+ - name: context-as-argument
+ arguments:
+ - allowTypesBefore: '*testing.T'
+ disabled: true
+ - name: context-keys-type
+ - name: deep-exit
+ - name: defer
+ arguments:
+ - - call-chain
+ - loop
+ - name: dot-imports
+ - name: duplicated-imports
+ - name: early-return
+ arguments:
+ - preserveScope
+ - name: empty-block
+ - name: empty-lines
+ - name: error-naming
+ - name: error-return
+ - name: error-strings
+ - name: errorf
+ - name: exported
+ arguments:
+ - sayRepetitiveInsteadOfStutters
+ - name: flag-parameter
+ - name: identical-branches
+ - name: if-return
+ - name: import-shadowing
+ - name: increment-decrement
+ - name: indent-error-flow
+ arguments:
+ - preserveScope
+ - name: package-comments
+ - name: range
+ - name: range-val-in-closure
+ - name: range-val-address
+ - name: redefines-builtin-id
+ - name: string-format
+ arguments:
+ - - panic
+ - /^[^\n]*$/
+ - must not contain line breaks
+ - name: struct-tag
+ - name: superfluous-else
+ arguments:
+ - preserveScope
+ - name: time-equal
+ - name: unconditional-recursion
+ - name: unexported-return
+ - name: unhandled-error
+ arguments:
+ - fmt.Fprint
+ - fmt.Fprintf
+ - fmt.Fprintln
+ - fmt.Print
+ - fmt.Printf
+ - fmt.Println
+ - name: unnecessary-stmt
+ - name: useless-break
+ - name: var-declaration
+ - name: var-naming
+ arguments:
+ - ["ID"] # AllowList
+ - ["Otel", "Aws", "Gcp"] # DenyList
+ - name: waitgroup-by-value
+ testifylint:
+ enable-all: true
+ disable:
+ - float-compare
+ - go-require
+ - require-error
+ exclusions:
+ generated: lax
+ presets:
+ - common-false-positives
+ - legacy
+ - std-error-handling
+ rules:
+ # TODO: Having appropriate comments for exported objects helps development,
+ # even for objects in internal packages. Appropriate comments for all
+ # exported objects should be added and this exclusion removed.
+ - linters:
+ - revive
+ path: .*internal/.*
+ text: exported (method|function|type|const) (.+) should have comment or be unexported
+ # Yes, they are, but it's okay in a test.
+ - linters:
+ - revive
+ path: _test\.go
+ text: exported func.*returns unexported type.*which can be annoying to use
+ # Example test functions should be treated like main.
+ - linters:
+ - revive
+ path: example.*_test\.go
+ text: calls to (.+) only in main[(][)] or init[(][)] functions
+ # It's okay to not run gosec and perfsprint in a test.
+ - linters:
+ - gosec
+ - perfsprint
+ path: _test\.go
+ # Ignoring gosec G404: Use of weak random number generator (math/rand instead of crypto/rand)
+ # as we commonly use it in tests and examples.
+ - linters:
+ - gosec
+ text: 'G404:'
+ # Ignoring gosec G402: TLS MinVersion too low
+ # as the https://pkg.go.dev/crypto/tls#Config handles MinVersion default well.
+ - linters:
+ - gosec
+ text: 'G402: TLS MinVersion too low.'
+ paths:
+ - third_party$
+ - builtin$
+ - examples$
issues:
- # Maximum issues count per one linter.
- # Set to 0 to disable.
- # Default: 50
- # Setting to unlimited so the linter only is run once to debug all issues.
max-issues-per-linter: 0
- # Maximum count of issues with the same text.
- # Set to 0 to disable.
- # Default: 3
- # Setting to unlimited so the linter only is run once to debug all issues.
max-same-issues: 0
- # Excluding configuration per-path, per-linter, per-text and per-source.
- exclude-rules:
- # TODO: Having appropriate comments for exported objects helps development,
- # even for objects in internal packages. Appropriate comments for all
- # exported objects should be added and this exclusion removed.
- - path: '.*internal/.*'
- text: "exported (method|function|type|const) (.+) should have comment or be unexported"
- linters:
- - revive
- # Yes, they are, but it's okay in a test.
- - path: _test\.go
- text: "exported func.*returns unexported type.*which can be annoying to use"
- linters:
- - revive
- # Example test functions should be treated like main.
- - path: example.*_test\.go
- text: "calls to (.+) only in main[(][)] or init[(][)] functions"
- linters:
- - revive
- # It's okay to not run gosec and perfsprint in a test.
- - path: _test\.go
- linters:
- - gosec
- - perfsprint
- # Ignoring gosec G404: Use of weak random number generator (math/rand instead of crypto/rand)
- # as we commonly use it in tests and examples.
- - text: "G404:"
- linters:
- - gosec
- # Ignoring gosec G402: TLS MinVersion too low
- # as the https://pkg.go.dev/crypto/tls#Config handles MinVersion default well.
- - text: "G402: TLS MinVersion too low."
- linters:
- - gosec
- include:
- # revive exported should have comment or be unexported.
- - EXC0012
- # revive package comment should be of the form ...
- - EXC0013
-
-linters-settings:
- depguard:
- rules:
- non-tests:
- files:
- - "!$test"
- - "!**/*test/*.go"
- - "!**/internal/matchers/*.go"
- deny:
- - pkg: "testing"
- - pkg: "github.com/stretchr/testify"
- - pkg: "crypto/md5"
- - pkg: "crypto/sha1"
- - pkg: "crypto/**/pkix"
- auto/sdk:
- files:
- - "!internal/global/trace.go"
- - "~internal/global/trace_test.go"
- deny:
- - pkg: "go.opentelemetry.io/auto/sdk"
- desc: Do not use SDK from automatic instrumentation.
- otlp-internal:
- files:
- - "!**/exporters/otlp/internal/**/*.go"
- deny:
- - pkg: "go.opentelemetry.io/otel/exporters/otlp/internal"
- desc: Do not use cross-module internal packages.
- otlptrace-internal:
- files:
- - "!**/exporters/otlp/otlptrace/*.go"
- - "!**/exporters/otlp/otlptrace/internal/**.go"
- deny:
- - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlptrace/internal"
- desc: Do not use cross-module internal packages.
- otlpmetric-internal:
- files:
- - "!**/exporters/otlp/otlpmetric/internal/*.go"
- - "!**/exporters/otlp/otlpmetric/internal/**/*.go"
- deny:
- - pkg: "go.opentelemetry.io/otel/exporters/otlp/otlpmetric/internal"
- desc: Do not use cross-module internal packages.
- otel-internal:
- files:
- - "**/sdk/*.go"
- - "**/sdk/**/*.go"
- - "**/exporters/*.go"
- - "**/exporters/**/*.go"
- - "**/schema/*.go"
- - "**/schema/**/*.go"
- - "**/metric/*.go"
- - "**/metric/**/*.go"
- - "**/bridge/*.go"
- - "**/bridge/**/*.go"
- - "**/trace/*.go"
- - "**/trace/**/*.go"
- - "**/log/*.go"
- - "**/log/**/*.go"
- deny:
- - pkg: "go.opentelemetry.io/otel/internal$"
- desc: Do not use cross-module internal packages.
- - pkg: "go.opentelemetry.io/otel/internal/attribute"
- desc: Do not use cross-module internal packages.
- - pkg: "go.opentelemetry.io/otel/internal/internaltest"
- desc: Do not use cross-module internal packages.
- - pkg: "go.opentelemetry.io/otel/internal/matchers"
- desc: Do not use cross-module internal packages.
- godot:
- exclude:
- # Exclude links.
- - '^ *\[[^]]+\]:'
- # Exclude sentence fragments for lists.
- - '^[ ]*[-•]'
- # Exclude sentences prefixing a list.
- - ':$'
- goimports:
- local-prefixes: go.opentelemetry.io
- misspell:
- locale: US
- ignore-words:
- - cancelled
- perfsprint:
- err-error: true
- errorf: true
- int-conversion: true
- sprintf1: true
- strconcat: true
- revive:
- # Sets the default failure confidence.
- # This means that linting errors with less than 0.8 confidence will be ignored.
- # Default: 0.8
- confidence: 0.01
- # https://github.com/mgechev/revive/blob/master/RULES_DESCRIPTIONS.md
- rules:
- - name: blank-imports
- - name: bool-literal-in-expr
- - name: constant-logical-expr
- - name: context-as-argument
- disabled: true
- arguments:
- - allowTypesBefore: "*testing.T"
- - name: context-keys-type
- - name: deep-exit
- - name: defer
- arguments:
- - ["call-chain", "loop"]
- - name: dot-imports
- - name: duplicated-imports
- - name: early-return
- arguments:
- - "preserveScope"
- - name: empty-block
- - name: empty-lines
- - name: error-naming
- - name: error-return
- - name: error-strings
- - name: errorf
- - name: exported
- arguments:
- - "sayRepetitiveInsteadOfStutters"
- - name: flag-parameter
- - name: identical-branches
- - name: if-return
- - name: import-shadowing
- - name: increment-decrement
- - name: indent-error-flow
- arguments:
- - "preserveScope"
- - name: package-comments
- - name: range
- - name: range-val-in-closure
- - name: range-val-address
- - name: redefines-builtin-id
- - name: string-format
- arguments:
- - - panic
- - '/^[^\n]*$/'
- - must not contain line breaks
- - name: struct-tag
- - name: superfluous-else
- arguments:
- - "preserveScope"
- - name: time-equal
- - name: unconditional-recursion
- - name: unexported-return
- - name: unhandled-error
- arguments:
- - "fmt.Fprint"
- - "fmt.Fprintf"
- - "fmt.Fprintln"
- - "fmt.Print"
- - "fmt.Printf"
- - "fmt.Println"
- - name: unnecessary-stmt
- - name: useless-break
- - name: var-declaration
- - name: var-naming
- arguments:
- - ["ID"] # AllowList
- - ["Otel", "Aws", "Gcp"] # DenyList
- - name: waitgroup-by-value
- testifylint:
- enable-all: true
- disable:
- - float-compare
- - go-require
- - require-error
+formatters:
+ enable:
+ - gofumpt
+ - goimports
+ - golines
+ settings:
+ goimports:
+ local-prefixes:
+ - go.opentelemetry.io
+ golines:
+ max-len: 120
+ exclusions:
+ generated: lax
+ paths:
+ - third_party$
+ - builtin$
+ - examples$
diff --git a/vendor/go.opentelemetry.io/otel/CHANGELOG.md b/vendor/go.opentelemetry.io/otel/CHANGELOG.md
index c076db2823..648e4abab8 100644
--- a/vendor/go.opentelemetry.io/otel/CHANGELOG.md
+++ b/vendor/go.opentelemetry.io/otel/CHANGELOG.md
@@ -11,6 +11,57 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
+## [1.36.0/0.58.0/0.12.0] 2025-05-20
+
+### Added
+
+- Add exponential histogram support in `go.opentelemetry.io/otel/exporters/prometheus`. (#6421)
+- The `go.opentelemetry.io/otel/semconv/v1.31.0` package.
+ The package contains semantic conventions from the `v1.31.0` version of the OpenTelemetry Semantic Conventions.
+ See the [migration documentation](./semconv/v1.31.0/MIGRATION.md) for information on how to upgrade from `go.opentelemetry.io/otel/semconv/v1.30.0`. (#6479)
+- Add `Recording`, `Scope`, and `Record` types in `go.opentelemetry.io/otel/log/logtest`. (#6507)
+- Add `WithHTTPClient` option to configure the `http.Client` used by `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp`. (#6751)
+- Add `WithHTTPClient` option to configure the `http.Client` used by `go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetrichttp`. (#6752)
+- Add `WithHTTPClient` option to configure the `http.Client` used by `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp`. (#6688)
+- Add `ValuesGetter` in `go.opentelemetry.io/otel/propagation`, a `TextMapCarrier` that supports retrieving multiple values for a single key. (#5973)
+- Add `Values` method to `HeaderCarrier` to implement the new `ValuesGetter` interface in `go.opentelemetry.io/otel/propagation`. (#5973)
+- Update `Baggage` in `go.opentelemetry.io/otel/propagation` to retrieve multiple values for a key when the carrier implements `ValuesGetter`. (#5973)
+- Add `AssertEqual` function in `go.opentelemetry.io/otel/log/logtest`. (#6662)
+- The `go.opentelemetry.io/otel/semconv/v1.32.0` package.
+ The package contains semantic conventions from the `v1.32.0` version of the OpenTelemetry Semantic Conventions.
+ See the [migration documentation](./semconv/v1.32.0/MIGRATION.md) for information on how to upgrade from `go.opentelemetry.io/otel/semconv/v1.31.0`(#6782)
+- Add `Transform` option in `go.opentelemetry.io/otel/log/logtest`. (#6794)
+- Add `Desc` option in `go.opentelemetry.io/otel/log/logtest`. (#6796)
+
+### Removed
+
+- Drop support for [Go 1.22]. (#6381, #6418)
+- Remove `Resource` field from `EnabledParameters` in `go.opentelemetry.io/otel/sdk/log`. (#6494)
+- Remove `RecordFactory` type from `go.opentelemetry.io/otel/log/logtest`. (#6492)
+- Remove `ScopeRecords`, `EmittedRecord`, and `RecordFactory` types from `go.opentelemetry.io/otel/log/logtest`. (#6507)
+- Remove `AssertRecordEqual` function in `go.opentelemetry.io/otel/log/logtest`, use `AssertEqual` instead. (#6662)
+
+### Changed
+
+- ⚠️ Update `github.com/prometheus/client_golang` to `v1.21.1`, which changes the `NameValidationScheme` to `UTF8Validation`.
+ This allows metrics names to keep original delimiters (e.g. `.`), rather than replacing with underscores.
+ This can be reverted by setting `github.com/prometheus/common/model.NameValidationScheme` to `LegacyValidation` in `github.com/prometheus/common/model`. (#6433)
+- Initialize map with `len(keys)` in `NewAllowKeysFilter` and `NewDenyKeysFilter` to avoid unnecessary allocations in `go.opentelemetry.io/otel/attribute`. (#6455)
+- `go.opentelemetry.io/otel/log/logtest` is now a separate Go module. (#6465)
+- `go.opentelemetry.io/otel/sdk/log/logtest` is now a separate Go module. (#6466)
+- `Recorder` in `go.opentelemetry.io/otel/log/logtest` no longer separately stores records emitted by loggers with the same instrumentation scope. (#6507)
+- Improve performance of `BatchProcessor` in `go.opentelemetry.io/otel/sdk/log` by not exporting when exporter cannot accept more. (#6569, #6641)
+
+### Deprecated
+
+- Deprecate support for `model.LegacyValidation` for `go.opentelemetry.io/otel/exporters/prometheus`. (#6449)
+
+### Fixes
+
+- Stop percent encoding header environment variables in `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploggrpc` and `go.opentelemetry.io/otel/exporters/otlp/otlplog/otlploghttp`. (#6392)
+- Ensure the `noopSpan.tracerProvider` method is not inlined in `go.opentelemetry.io/otel/trace` so the `go.opentelemetry.io/auto` instrumentation can instrument non-recording spans. (#6456)
+- Use a `sync.Pool` instead of allocating `metricdata.ResourceMetrics` in `go.opentelemetry.io/otel/exporters/prometheus`. (#6472)
+
## [1.35.0/0.57.0/0.11.0] 2025-03-05
This release is the last to support [Go 1.22].
@@ -3237,7 +3288,8 @@ It contains api and sdk for trace and meter.
- CircleCI build CI manifest files.
- CODEOWNERS file to track owners of this project.
-[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.35.0...HEAD
+[Unreleased]: https://github.com/open-telemetry/opentelemetry-go/compare/v1.36.0...HEAD
+[1.36.0/0.58.0/0.12.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.36.0
[1.35.0/0.57.0/0.11.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.35.0
[1.34.0/0.56.0/0.10.0]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.34.0
[1.33.0/0.55.0/0.9.0/0.0.12]: https://github.com/open-telemetry/opentelemetry-go/releases/tag/v1.33.0
diff --git a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
index 7b8af585aa..1902dac057 100644
--- a/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
+++ b/vendor/go.opentelemetry.io/otel/CONTRIBUTING.md
@@ -643,6 +643,7 @@ should be canceled.
### Triagers
+- [Alex Kats](https://github.com/akats7), Capital One
- [Cheng-Zhen Yang](https://github.com/scorpionknifes), Independent
### Approvers
diff --git a/vendor/go.opentelemetry.io/otel/Makefile b/vendor/go.opentelemetry.io/otel/Makefile
index 226410d742..62a56f4d34 100644
--- a/vendor/go.opentelemetry.io/otel/Makefile
+++ b/vendor/go.opentelemetry.io/otel/Makefile
@@ -43,8 +43,11 @@ $(TOOLS)/crosslink: PACKAGE=go.opentelemetry.io/build-tools/crosslink
SEMCONVKIT = $(TOOLS)/semconvkit
$(TOOLS)/semconvkit: PACKAGE=go.opentelemetry.io/otel/$(TOOLS_MOD_DIR)/semconvkit
+VERIFYREADMES = $(TOOLS)/verifyreadmes
+$(TOOLS)/verifyreadmes: PACKAGE=go.opentelemetry.io/otel/$(TOOLS_MOD_DIR)/verifyreadmes
+
GOLANGCI_LINT = $(TOOLS)/golangci-lint
-$(TOOLS)/golangci-lint: PACKAGE=github.com/golangci/golangci-lint/cmd/golangci-lint
+$(TOOLS)/golangci-lint: PACKAGE=github.com/golangci/golangci-lint/v2/cmd/golangci-lint
MISSPELL = $(TOOLS)/misspell
$(TOOLS)/misspell: PACKAGE=github.com/client9/misspell/cmd/misspell
@@ -68,7 +71,7 @@ GOVULNCHECK = $(TOOLS)/govulncheck
$(TOOLS)/govulncheck: PACKAGE=golang.org/x/vuln/cmd/govulncheck
.PHONY: tools
-tools: $(CROSSLINK) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(SEMCONVGEN) $(MULTIMOD) $(SEMCONVKIT) $(GOTMPL) $(GORELEASE)
+tools: $(CROSSLINK) $(GOLANGCI_LINT) $(MISSPELL) $(GOCOVMERGE) $(STRINGER) $(PORTO) $(SEMCONVGEN) $(VERIFYREADMES) $(MULTIMOD) $(SEMCONVKIT) $(GOTMPL) $(GORELEASE)
# Virtualized python tools via docker
@@ -213,11 +216,8 @@ go-mod-tidy/%: crosslink
&& cd $(DIR) \
&& $(GO) mod tidy -compat=1.21
-.PHONY: lint-modules
-lint-modules: go-mod-tidy
-
.PHONY: lint
-lint: misspell lint-modules golangci-lint govulncheck
+lint: misspell go-mod-tidy golangci-lint govulncheck
.PHONY: vanity-import-check
vanity-import-check: $(PORTO)
@@ -319,10 +319,11 @@ add-tags: verify-mods
@[ "${MODSET}" ] || ( echo ">> env var MODSET is not set"; exit 1 )
$(MULTIMOD) tag -m ${MODSET} -c ${COMMIT}
+MARKDOWNIMAGE := $(shell awk '$$4=="markdown" {print $$2}' $(DEPENDENCIES_DOCKERFILE))
.PHONY: lint-markdown
lint-markdown:
- docker run -v "$(CURDIR):$(WORKDIR)" avtodev/markdown-lint:v1 -c $(WORKDIR)/.markdownlint.yaml $(WORKDIR)/**/*.md
+ docker run --rm -u $(DOCKER_USER) -v "$(CURDIR):$(WORKDIR)" $(MARKDOWNIMAGE) -c $(WORKDIR)/.markdownlint.yaml $(WORKDIR)/**/*.md
.PHONY: verify-readmes
-verify-readmes:
- ./verify_readmes.sh
+verify-readmes: $(VERIFYREADMES)
+ $(VERIFYREADMES)
diff --git a/vendor/go.opentelemetry.io/otel/README.md b/vendor/go.opentelemetry.io/otel/README.md
index 8421cd7e59..b600788121 100644
--- a/vendor/go.opentelemetry.io/otel/README.md
+++ b/vendor/go.opentelemetry.io/otel/README.md
@@ -6,6 +6,7 @@
[](https://goreportcard.com/report/go.opentelemetry.io/otel)
[](https://scorecard.dev/viewer/?uri=github.com/open-telemetry/opentelemetry-go)
[](https://www.bestpractices.dev/projects/9996)
+[](https://issues.oss-fuzz.com/issues?q=project:opentelemetry-go)
[](https://cloud-native.slack.com/archives/C01NPAXACKT)
OpenTelemetry-Go is the [Go](https://golang.org/) implementation of [OpenTelemetry](https://opentelemetry.io/).
@@ -53,25 +54,18 @@ Currently, this project supports the following environments.
|----------|------------|--------------|
| Ubuntu | 1.24 | amd64 |
| Ubuntu | 1.23 | amd64 |
-| Ubuntu | 1.22 | amd64 |
| Ubuntu | 1.24 | 386 |
| Ubuntu | 1.23 | 386 |
-| Ubuntu | 1.22 | 386 |
| Ubuntu | 1.24 | arm64 |
| Ubuntu | 1.23 | arm64 |
-| Ubuntu | 1.22 | arm64 |
| macOS 13 | 1.24 | amd64 |
| macOS 13 | 1.23 | amd64 |
-| macOS 13 | 1.22 | amd64 |
| macOS | 1.24 | arm64 |
| macOS | 1.23 | arm64 |
-| macOS | 1.22 | arm64 |
| Windows | 1.24 | amd64 |
| Windows | 1.23 | amd64 |
-| Windows | 1.22 | amd64 |
| Windows | 1.24 | 386 |
| Windows | 1.23 | 386 |
-| Windows | 1.22 | 386 |
While this project should work for other systems, no compatibility guarantees
are made for those systems currently.
diff --git a/vendor/go.opentelemetry.io/otel/RELEASING.md b/vendor/go.opentelemetry.io/otel/RELEASING.md
index 1e13ae54f7..7c1a9119dc 100644
--- a/vendor/go.opentelemetry.io/otel/RELEASING.md
+++ b/vendor/go.opentelemetry.io/otel/RELEASING.md
@@ -1,5 +1,9 @@
# Release Process
+## Create a `Version Release` issue
+
+Create a `Version Release` issue to track the release process.
+
## Semantic Convention Generation
New versions of the [OpenTelemetry Semantic Conventions] mean new versions of the `semconv` package need to be generated.
@@ -123,6 +127,16 @@ Importantly, bump any package versions referenced to be the latest one you just
[Go instrumentation documentation]: https://opentelemetry.io/docs/languages/go/
[content/en/docs/languages/go]: https://github.com/open-telemetry/opentelemetry.io/tree/main/content/en/docs/languages/go
+### Close the milestone
+
+Once a release is made, ensure all issues that were fixed and PRs that were merged as part of this release are added to the corresponding milestone.
+This helps track what changes were included in each release.
+
+- To find issues that haven't been included in a milestone, use this [GitHub search query](https://github.com/open-telemetry/opentelemetry-go/issues?q=is%3Aissue%20no%3Amilestone%20is%3Aclosed%20sort%3Aupdated-desc%20reason%3Acompleted%20-label%3AStale%20linked%3Apr)
+- To find merged PRs that haven't been included in a milestone, use this [GitHub search query](https://github.com/open-telemetry/opentelemetry-go/pulls?q=is%3Apr+no%3Amilestone+is%3Amerged).
+
+Once all related issues and PRs have been added to the milestone, close the milestone.
+
### Demo Repository
Bump the dependencies in the following Go services:
@@ -130,3 +144,7 @@ Bump the dependencies in the following Go services:
- [`accounting`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/accounting)
- [`checkoutservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/checkout)
- [`productcatalogservice`](https://github.com/open-telemetry/opentelemetry-demo/tree/main/src/product-catalog)
+
+### Close the `Version Release` issue
+
+Once the todo list in the `Version Release` issue is complete, close the issue.
diff --git a/vendor/go.opentelemetry.io/otel/attribute/filter.go b/vendor/go.opentelemetry.io/otel/attribute/filter.go
index be9cd922d8..3eeaa5d442 100644
--- a/vendor/go.opentelemetry.io/otel/attribute/filter.go
+++ b/vendor/go.opentelemetry.io/otel/attribute/filter.go
@@ -19,7 +19,7 @@ func NewAllowKeysFilter(keys ...Key) Filter {
return func(kv KeyValue) bool { return false }
}
- allowed := make(map[Key]struct{})
+ allowed := make(map[Key]struct{}, len(keys))
for _, k := range keys {
allowed[k] = struct{}{}
}
@@ -38,7 +38,7 @@ func NewDenyKeysFilter(keys ...Key) Filter {
return func(kv KeyValue) bool { return true }
}
- forbid := make(map[Key]struct{})
+ forbid := make(map[Key]struct{}, len(keys))
for _, k := range keys {
forbid[k] = struct{}{}
}
diff --git a/vendor/go.opentelemetry.io/otel/internal/attribute/attribute.go b/vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go
similarity index 97%
rename from vendor/go.opentelemetry.io/otel/internal/attribute/attribute.go
rename to vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go
index 691d96c755..b76d2bbfdb 100644
--- a/vendor/go.opentelemetry.io/otel/internal/attribute/attribute.go
+++ b/vendor/go.opentelemetry.io/otel/attribute/internal/attribute.go
@@ -5,7 +5,7 @@
Package attribute provide several helper functions for some commonly used
logic of processing attributes.
*/
-package attribute // import "go.opentelemetry.io/otel/internal/attribute"
+package attribute // import "go.opentelemetry.io/otel/attribute/internal"
import (
"reflect"
diff --git a/vendor/go.opentelemetry.io/otel/attribute/rawhelpers.go b/vendor/go.opentelemetry.io/otel/attribute/rawhelpers.go
new file mode 100644
index 0000000000..5791c6e7aa
--- /dev/null
+++ b/vendor/go.opentelemetry.io/otel/attribute/rawhelpers.go
@@ -0,0 +1,37 @@
+// Copyright The OpenTelemetry Authors
+// SPDX-License-Identifier: Apache-2.0
+
+package attribute // import "go.opentelemetry.io/otel/attribute"
+
+import (
+ "math"
+)
+
+func boolToRaw(b bool) uint64 { // nolint:revive // b is not a control flag.
+ if b {
+ return 1
+ }
+ return 0
+}
+
+func rawToBool(r uint64) bool {
+ return r != 0
+}
+
+func int64ToRaw(i int64) uint64 {
+ // Assumes original was a valid int64 (overflow not checked).
+ return uint64(i) // nolint: gosec
+}
+
+func rawToInt64(r uint64) int64 {
+ // Assumes original was a valid int64 (overflow not checked).
+ return int64(r) // nolint: gosec
+}
+
+func float64ToRaw(f float64) uint64 {
+ return math.Float64bits(f)
+}
+
+func rawToFloat64(r uint64) float64 {
+ return math.Float64frombits(r)
+}
diff --git a/vendor/go.opentelemetry.io/otel/attribute/value.go b/vendor/go.opentelemetry.io/otel/attribute/value.go
index 9ea0ecbbd2..817eecacf1 100644
--- a/vendor/go.opentelemetry.io/otel/attribute/value.go
+++ b/vendor/go.opentelemetry.io/otel/attribute/value.go
@@ -9,8 +9,7 @@ import (
"reflect"
"strconv"
- "go.opentelemetry.io/otel/internal"
- "go.opentelemetry.io/otel/internal/attribute"
+ attribute "go.opentelemetry.io/otel/attribute/internal"
)
//go:generate stringer -type=Type
@@ -51,7 +50,7 @@ const (
func BoolValue(v bool) Value {
return Value{
vtype: BOOL,
- numeric: internal.BoolToRaw(v),
+ numeric: boolToRaw(v),
}
}
@@ -82,7 +81,7 @@ func IntSliceValue(v []int) Value {
func Int64Value(v int64) Value {
return Value{
vtype: INT64,
- numeric: internal.Int64ToRaw(v),
+ numeric: int64ToRaw(v),
}
}
@@ -95,7 +94,7 @@ func Int64SliceValue(v []int64) Value {
func Float64Value(v float64) Value {
return Value{
vtype: FLOAT64,
- numeric: internal.Float64ToRaw(v),
+ numeric: float64ToRaw(v),
}
}
@@ -125,7 +124,7 @@ func (v Value) Type() Type {
// AsBool returns the bool value. Make sure that the Value's type is
// BOOL.
func (v Value) AsBool() bool {
- return internal.RawToBool(v.numeric)
+ return rawToBool(v.numeric)
}
// AsBoolSlice returns the []bool value. Make sure that the Value's type is
@@ -144,7 +143,7 @@ func (v Value) asBoolSlice() []bool {
// AsInt64 returns the int64 value. Make sure that the Value's type is
// INT64.
func (v Value) AsInt64() int64 {
- return internal.RawToInt64(v.numeric)
+ return rawToInt64(v.numeric)
}
// AsInt64Slice returns the []int64 value. Make sure that the Value's type is
@@ -163,7 +162,7 @@ func (v Value) asInt64Slice() []int64 {
// AsFloat64 returns the float64 value. Make sure that the Value's
// type is FLOAT64.
func (v Value) AsFloat64() float64 {
- return internal.RawToFloat64(v.numeric)
+ return rawToFloat64(v.numeric)
}
// AsFloat64Slice returns the []float64 value. Make sure that the Value's type is
diff --git a/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile b/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile
index e4c4a753c8..51fb76b30d 100644
--- a/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile
+++ b/vendor/go.opentelemetry.io/otel/dependencies.Dockerfile
@@ -1,3 +1,4 @@
# This is a renovate-friendly source of Docker images.
-FROM python:3.13.2-slim-bullseye@sha256:31b581c8218e1f3c58672481b3b7dba8e898852866b408c6a984c22832523935 AS python
-FROM otel/weaver:v0.13.2@sha256:ae7346b992e477f629ea327e0979e8a416a97f7956ab1f7e95ac1f44edf1a893 AS weaver
+FROM python:3.13.3-slim-bullseye@sha256:9e3f9243e06fd68eb9519074b49878eda20ad39a855fac51aaffb741de20726e AS python
+FROM otel/weaver:v0.15.0@sha256:1cf1c72eaed57dad813c2e359133b8a15bd4facf305aae5b13bdca6d3eccff56 AS weaver
+FROM avtodev/markdown-lint:v1@sha256:6aeedc2f49138ce7a1cd0adffc1b1c0321b841dc2102408967d9301c031949ee AS markdown
diff --git a/vendor/go.opentelemetry.io/otel/get_main_pkgs.sh b/vendor/go.opentelemetry.io/otel/get_main_pkgs.sh
deleted file mode 100644
index 93e80ea306..0000000000
--- a/vendor/go.opentelemetry.io/otel/get_main_pkgs.sh
+++ /dev/null
@@ -1,30 +0,0 @@
-#!/usr/bin/env bash
-
-# Copyright The OpenTelemetry Authors
-# SPDX-License-Identifier: Apache-2.0
-
-set -euo pipefail
-
-top_dir='.'
-if [[ $# -gt 0 ]]; then
- top_dir="${1}"
-fi
-
-p=$(pwd)
-mod_dirs=()
-
-# Note `mapfile` does not exist in older bash versions:
-# https://stackoverflow.com/questions/41475261/need-alternative-to-readarray-mapfile-for-script-on-older-version-of-bash
-
-while IFS= read -r line; do
- mod_dirs+=("$line")
-done < <(find "${top_dir}" -type f -name 'go.mod' -exec dirname {} \; | sort)
-
-for mod_dir in "${mod_dirs[@]}"; do
- cd "${mod_dir}"
-
- while IFS= read -r line; do
- echo ".${line#${p}}"
- done < <(go list --find -f '{{.Name}}|{{.Dir}}' ./... | grep '^main|' | cut -f 2- -d '|')
- cd "${p}"
-done
diff --git a/vendor/go.opentelemetry.io/otel/internal/gen.go b/vendor/go.opentelemetry.io/otel/internal/gen.go
deleted file mode 100644
index 4259f0320d..0000000000
--- a/vendor/go.opentelemetry.io/otel/internal/gen.go
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright The OpenTelemetry Authors
-// SPDX-License-Identifier: Apache-2.0
-
-package internal // import "go.opentelemetry.io/otel/internal"
-
-//go:generate gotmpl --body=./shared/matchers/expectation.go.tmpl "--data={}" --out=matchers/expectation.go
-//go:generate gotmpl --body=./shared/matchers/expecter.go.tmpl "--data={}" --out=matchers/expecter.go
-//go:generate gotmpl --body=./shared/matchers/temporal_matcher.go.tmpl "--data={}" --out=matchers/temporal_matcher.go
-
-//go:generate gotmpl --body=./shared/internaltest/alignment.go.tmpl "--data={}" --out=internaltest/alignment.go
-//go:generate gotmpl --body=./shared/internaltest/env.go.tmpl "--data={}" --out=internaltest/env.go
-//go:generate gotmpl --body=./shared/internaltest/env_test.go.tmpl "--data={}" --out=internaltest/env_test.go
-//go:generate gotmpl --body=./shared/internaltest/errors.go.tmpl "--data={}" --out=internaltest/errors.go
-//go:generate gotmpl --body=./shared/internaltest/harness.go.tmpl "--data={\"matchersImportPath\": \"go.opentelemetry.io/otel/internal/matchers\"}" --out=internaltest/harness.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_carrier.go.tmpl "--data={}" --out=internaltest/text_map_carrier.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_carrier_test.go.tmpl "--data={}" --out=internaltest/text_map_carrier_test.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_propagator.go.tmpl "--data={}" --out=internaltest/text_map_propagator.go
-//go:generate gotmpl --body=./shared/internaltest/text_map_propagator_test.go.tmpl "--data={}" --out=internaltest/text_map_propagator_test.go
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/handler.go b/vendor/go.opentelemetry.io/otel/internal/global/handler.go
index c657ff8e75..2e47b2964c 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/handler.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/handler.go
@@ -1,6 +1,7 @@
// Copyright The OpenTelemetry Authors
// SPDX-License-Identifier: Apache-2.0
+// Package global provides the OpenTelemetry global API.
package global // import "go.opentelemetry.io/otel/internal/global"
import (
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/meter.go b/vendor/go.opentelemetry.io/otel/internal/global/meter.go
index a6acd8dca6..adb37b5b0e 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/meter.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/meter.go
@@ -169,7 +169,10 @@ func (m *meter) Int64Counter(name string, options ...metric.Int64CounterOption)
return i, nil
}
-func (m *meter) Int64UpDownCounter(name string, options ...metric.Int64UpDownCounterOption) (metric.Int64UpDownCounter, error) {
+func (m *meter) Int64UpDownCounter(
+ name string,
+ options ...metric.Int64UpDownCounterOption,
+) (metric.Int64UpDownCounter, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -238,7 +241,10 @@ func (m *meter) Int64Gauge(name string, options ...metric.Int64GaugeOption) (met
return i, nil
}
-func (m *meter) Int64ObservableCounter(name string, options ...metric.Int64ObservableCounterOption) (metric.Int64ObservableCounter, error) {
+func (m *meter) Int64ObservableCounter(
+ name string,
+ options ...metric.Int64ObservableCounterOption,
+) (metric.Int64ObservableCounter, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -261,7 +267,10 @@ func (m *meter) Int64ObservableCounter(name string, options ...metric.Int64Obser
return i, nil
}
-func (m *meter) Int64ObservableUpDownCounter(name string, options ...metric.Int64ObservableUpDownCounterOption) (metric.Int64ObservableUpDownCounter, error) {
+func (m *meter) Int64ObservableUpDownCounter(
+ name string,
+ options ...metric.Int64ObservableUpDownCounterOption,
+) (metric.Int64ObservableUpDownCounter, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -284,7 +293,10 @@ func (m *meter) Int64ObservableUpDownCounter(name string, options ...metric.Int6
return i, nil
}
-func (m *meter) Int64ObservableGauge(name string, options ...metric.Int64ObservableGaugeOption) (metric.Int64ObservableGauge, error) {
+func (m *meter) Int64ObservableGauge(
+ name string,
+ options ...metric.Int64ObservableGaugeOption,
+) (metric.Int64ObservableGauge, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -330,7 +342,10 @@ func (m *meter) Float64Counter(name string, options ...metric.Float64CounterOpti
return i, nil
}
-func (m *meter) Float64UpDownCounter(name string, options ...metric.Float64UpDownCounterOption) (metric.Float64UpDownCounter, error) {
+func (m *meter) Float64UpDownCounter(
+ name string,
+ options ...metric.Float64UpDownCounterOption,
+) (metric.Float64UpDownCounter, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -353,7 +368,10 @@ func (m *meter) Float64UpDownCounter(name string, options ...metric.Float64UpDow
return i, nil
}
-func (m *meter) Float64Histogram(name string, options ...metric.Float64HistogramOption) (metric.Float64Histogram, error) {
+func (m *meter) Float64Histogram(
+ name string,
+ options ...metric.Float64HistogramOption,
+) (metric.Float64Histogram, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -399,7 +417,10 @@ func (m *meter) Float64Gauge(name string, options ...metric.Float64GaugeOption)
return i, nil
}
-func (m *meter) Float64ObservableCounter(name string, options ...metric.Float64ObservableCounterOption) (metric.Float64ObservableCounter, error) {
+func (m *meter) Float64ObservableCounter(
+ name string,
+ options ...metric.Float64ObservableCounterOption,
+) (metric.Float64ObservableCounter, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -422,7 +443,10 @@ func (m *meter) Float64ObservableCounter(name string, options ...metric.Float64O
return i, nil
}
-func (m *meter) Float64ObservableUpDownCounter(name string, options ...metric.Float64ObservableUpDownCounterOption) (metric.Float64ObservableUpDownCounter, error) {
+func (m *meter) Float64ObservableUpDownCounter(
+ name string,
+ options ...metric.Float64ObservableUpDownCounterOption,
+) (metric.Float64ObservableUpDownCounter, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
@@ -445,7 +469,10 @@ func (m *meter) Float64ObservableUpDownCounter(name string, options ...metric.Fl
return i, nil
}
-func (m *meter) Float64ObservableGauge(name string, options ...metric.Float64ObservableGaugeOption) (metric.Float64ObservableGauge, error) {
+func (m *meter) Float64ObservableGauge(
+ name string,
+ options ...metric.Float64ObservableGaugeOption,
+) (metric.Float64ObservableGauge, error) {
m.mtx.Lock()
defer m.mtx.Unlock()
diff --git a/vendor/go.opentelemetry.io/otel/internal/global/trace.go b/vendor/go.opentelemetry.io/otel/internal/global/trace.go
index 8982aa0dc5..49e4ac4faa 100644
--- a/vendor/go.opentelemetry.io/otel/internal/global/trace.go
+++ b/vendor/go.opentelemetry.io/otel/internal/global/trace.go
@@ -158,7 +158,18 @@ func (t *tracer) Start(ctx context.Context, name string, opts ...trace.SpanStart
// a nonRecordingSpan by default.
var autoInstEnabled = new(bool)
-func (t *tracer) newSpan(ctx context.Context, autoSpan *bool, name string, opts []trace.SpanStartOption) (context.Context, trace.Span) {
+// newSpan is called by tracer.Start so auto-instrumentation can attach an eBPF
+// uprobe to this code.
+//
+// "noinline" pragma prevents the method from ever being inlined.
+//
+//go:noinline
+func (t *tracer) newSpan(
+ ctx context.Context,
+ autoSpan *bool,
+ name string,
+ opts []trace.SpanStartOption,
+) (context.Context, trace.Span) {
// autoInstEnabled is passed to newSpan via the autoSpan parameter. This is
// so the auto-instrumentation can define a uprobe for (*t).newSpan and be
// provided with the address of the bool autoInstEnabled points to. It
diff --git a/vendor/go.opentelemetry.io/otel/internal/rawhelpers.go b/vendor/go.opentelemetry.io/otel/internal/rawhelpers.go
deleted file mode 100644
index b2fe3e41d3..0000000000
--- a/vendor/go.opentelemetry.io/otel/internal/rawhelpers.go
+++ /dev/null
@@ -1,48 +0,0 @@
-// Copyright The OpenTelemetry Authors
-// SPDX-License-Identifier: Apache-2.0
-
-package internal // import "go.opentelemetry.io/otel/internal"
-
-import (
- "math"
- "unsafe"
-)
-
-func BoolToRaw(b bool) uint64 { // nolint:revive // b is not a control flag.
- if b {
- return 1
- }
- return 0
-}
-
-func RawToBool(r uint64) bool {
- return r != 0
-}
-
-func Int64ToRaw(i int64) uint64 {
- // Assumes original was a valid int64 (overflow not checked).
- return uint64(i) // nolint: gosec
-}
-
-func RawToInt64(r uint64) int64 {
- // Assumes original was a valid int64 (overflow not checked).
- return int64(r) // nolint: gosec
-}
-
-func Float64ToRaw(f float64) uint64 {
- return math.Float64bits(f)
-}
-
-func RawToFloat64(r uint64) float64 {
- return math.Float64frombits(r)
-}
-
-func RawPtrToFloat64Ptr(r *uint64) *float64 {
- // Assumes original was a valid *float64 (overflow not checked).
- return (*float64)(unsafe.Pointer(r)) // nolint: gosec
-}
-
-func RawPtrToInt64Ptr(r *uint64) *int64 {
- // Assumes original was a valid *int64 (overflow not checked).
- return (*int64)(unsafe.Pointer(r)) // nolint: gosec
-}
diff --git a/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go b/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go
index f8435d8f28..b7fc973a66 100644
--- a/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go
+++ b/vendor/go.opentelemetry.io/otel/metric/asyncfloat64.go
@@ -106,7 +106,9 @@ type Float64ObservableUpDownCounterConfig struct {
// NewFloat64ObservableUpDownCounterConfig returns a new
// [Float64ObservableUpDownCounterConfig] with all opts applied.
-func NewFloat64ObservableUpDownCounterConfig(opts ...Float64ObservableUpDownCounterOption) Float64ObservableUpDownCounterConfig {
+func NewFloat64ObservableUpDownCounterConfig(
+ opts ...Float64ObservableUpDownCounterOption,
+) Float64ObservableUpDownCounterConfig {
var config Float64ObservableUpDownCounterConfig
for _, o := range opts {
config = o.applyFloat64ObservableUpDownCounter(config)
@@ -239,12 +241,16 @@ type float64CallbackOpt struct {
cback Float64Callback
}
-func (o float64CallbackOpt) applyFloat64ObservableCounter(cfg Float64ObservableCounterConfig) Float64ObservableCounterConfig {
+func (o float64CallbackOpt) applyFloat64ObservableCounter(
+ cfg Float64ObservableCounterConfig,
+) Float64ObservableCounterConfig {
cfg.callbacks = append(cfg.callbacks, o.cback)
return cfg
}
-func (o float64CallbackOpt) applyFloat64ObservableUpDownCounter(cfg Float64ObservableUpDownCounterConfig) Float64ObservableUpDownCounterConfig {
+func (o float64CallbackOpt) applyFloat64ObservableUpDownCounter(
+ cfg Float64ObservableUpDownCounterConfig,
+) Float64ObservableUpDownCounterConfig {
cfg.callbacks = append(cfg.callbacks, o.cback)
return cfg
}
diff --git a/vendor/go.opentelemetry.io/otel/metric/asyncint64.go b/vendor/go.opentelemetry.io/otel/metric/asyncint64.go
index e079aaef16..4404b71a22 100644
--- a/vendor/go.opentelemetry.io/otel/metric/asyncint64.go
+++ b/vendor/go.opentelemetry.io/otel/metric/asyncint64.go
@@ -105,7 +105,9 @@ type Int64ObservableUpDownCounterConfig struct {
// NewInt64ObservableUpDownCounterConfig returns a new
// [Int64ObservableUpDownCounterConfig] with all opts applied.
-func NewInt64ObservableUpDownCounterConfig(opts ...Int64ObservableUpDownCounterOption) Int64ObservableUpDownCounterConfig {
+func NewInt64ObservableUpDownCounterConfig(
+ opts ...Int64ObservableUpDownCounterOption,
+) Int64ObservableUpDownCounterConfig {
var config Int64ObservableUpDownCounterConfig
for _, o := range opts {
config = o.applyInt64ObservableUpDownCounter(config)
@@ -242,7 +244,9 @@ func (o int64CallbackOpt) applyInt64ObservableCounter(cfg Int64ObservableCounter
return cfg
}
-func (o int64CallbackOpt) applyInt64ObservableUpDownCounter(cfg Int64ObservableUpDownCounterConfig) Int64ObservableUpDownCounterConfig {
+func (o int64CallbackOpt) applyInt64ObservableUpDownCounter(
+ cfg Int64ObservableUpDownCounterConfig,
+) Int64ObservableUpDownCounterConfig {
cfg.callbacks = append(cfg.callbacks, o.cback)
return cfg
}
diff --git a/vendor/go.opentelemetry.io/otel/metric/instrument.go b/vendor/go.opentelemetry.io/otel/metric/instrument.go
index a535782e1d..9f48d5f117 100644
--- a/vendor/go.opentelemetry.io/otel/metric/instrument.go
+++ b/vendor/go.opentelemetry.io/otel/metric/instrument.go
@@ -63,7 +63,9 @@ func (o descOpt) applyFloat64ObservableCounter(c Float64ObservableCounterConfig)
return c
}
-func (o descOpt) applyFloat64ObservableUpDownCounter(c Float64ObservableUpDownCounterConfig) Float64ObservableUpDownCounterConfig {
+func (o descOpt) applyFloat64ObservableUpDownCounter(
+ c Float64ObservableUpDownCounterConfig,
+) Float64ObservableUpDownCounterConfig {
c.description = string(o)
return c
}
@@ -98,7 +100,9 @@ func (o descOpt) applyInt64ObservableCounter(c Int64ObservableCounterConfig) Int
return c
}
-func (o descOpt) applyInt64ObservableUpDownCounter(c Int64ObservableUpDownCounterConfig) Int64ObservableUpDownCounterConfig {
+func (o descOpt) applyInt64ObservableUpDownCounter(
+ c Int64ObservableUpDownCounterConfig,
+) Int64ObservableUpDownCounterConfig {
c.description = string(o)
return c
}
@@ -138,7 +142,9 @@ func (o unitOpt) applyFloat64ObservableCounter(c Float64ObservableCounterConfig)
return c
}
-func (o unitOpt) applyFloat64ObservableUpDownCounter(c Float64ObservableUpDownCounterConfig) Float64ObservableUpDownCounterConfig {
+func (o unitOpt) applyFloat64ObservableUpDownCounter(
+ c Float64ObservableUpDownCounterConfig,
+) Float64ObservableUpDownCounterConfig {
c.unit = string(o)
return c
}
@@ -173,7 +179,9 @@ func (o unitOpt) applyInt64ObservableCounter(c Int64ObservableCounterConfig) Int
return c
}
-func (o unitOpt) applyInt64ObservableUpDownCounter(c Int64ObservableUpDownCounterConfig) Int64ObservableUpDownCounterConfig {
+func (o unitOpt) applyInt64ObservableUpDownCounter(
+ c Int64ObservableUpDownCounterConfig,
+) Int64ObservableUpDownCounterConfig {
c.unit = string(o)
return c
}
diff --git a/vendor/go.opentelemetry.io/otel/metric/meter.go b/vendor/go.opentelemetry.io/otel/metric/meter.go
index 14e08c24a4..fdd2a7011c 100644
--- a/vendor/go.opentelemetry.io/otel/metric/meter.go
+++ b/vendor/go.opentelemetry.io/otel/metric/meter.go
@@ -110,7 +110,10 @@ type Meter interface {
// The name needs to conform to the OpenTelemetry instrument name syntax.
// See the Instrument Name section of the package documentation for more
// information.
- Int64ObservableUpDownCounter(name string, options ...Int64ObservableUpDownCounterOption) (Int64ObservableUpDownCounter, error)
+ Int64ObservableUpDownCounter(
+ name string,
+ options ...Int64ObservableUpDownCounterOption,
+ ) (Int64ObservableUpDownCounter, error)
// Int64ObservableGauge returns a new Int64ObservableGauge instrument
// identified by name and configured with options. The instrument is used
@@ -194,7 +197,10 @@ type Meter interface {
// The name needs to conform to the OpenTelemetry instrument name syntax.
// See the Instrument Name section of the package documentation for more
// information.
- Float64ObservableUpDownCounter(name string, options ...Float64ObservableUpDownCounterOption) (Float64ObservableUpDownCounter, error)
+ Float64ObservableUpDownCounter(
+ name string,
+ options ...Float64ObservableUpDownCounterOption,
+ ) (Float64ObservableUpDownCounter, error)
// Float64ObservableGauge returns a new Float64ObservableGauge instrument
// identified by name and configured with options. The instrument is used
diff --git a/vendor/go.opentelemetry.io/otel/metric/noop/noop.go b/vendor/go.opentelemetry.io/otel/metric/noop/noop.go
index ca6fcbdc09..9afb69e583 100644
--- a/vendor/go.opentelemetry.io/otel/metric/noop/noop.go
+++ b/vendor/go.opentelemetry.io/otel/metric/noop/noop.go
@@ -86,13 +86,19 @@ func (Meter) Int64Gauge(string, ...metric.Int64GaugeOption) (metric.Int64Gauge,
// Int64ObservableCounter returns an ObservableCounter used to record int64
// measurements that produces no telemetry.
-func (Meter) Int64ObservableCounter(string, ...metric.Int64ObservableCounterOption) (metric.Int64ObservableCounter, error) {
+func (Meter) Int64ObservableCounter(
+ string,
+ ...metric.Int64ObservableCounterOption,
+) (metric.Int64ObservableCounter, error) {
return Int64ObservableCounter{}, nil
}
// Int64ObservableUpDownCounter returns an ObservableUpDownCounter used to
// record int64 measurements that produces no telemetry.
-func (Meter) Int64ObservableUpDownCounter(string, ...metric.Int64ObservableUpDownCounterOption) (metric.Int64ObservableUpDownCounter, error) {
+func (Meter) Int64ObservableUpDownCounter(
+ string,
+ ...metric.Int64ObservableUpDownCounterOption,
+) (metric.Int64ObservableUpDownCounter, error) {
return Int64ObservableUpDownCounter{}, nil
}
@@ -128,19 +134,28 @@ func (Meter) Float64Gauge(string, ...metric.Float64GaugeOption) (metric.Float64G
// Float64ObservableCounter returns an ObservableCounter used to record int64
// measurements that produces no telemetry.
-func (Meter) Float64ObservableCounter(string, ...metric.Float64ObservableCounterOption) (metric.Float64ObservableCounter, error) {
+func (Meter) Float64ObservableCounter(
+ string,
+ ...metric.Float64ObservableCounterOption,
+) (metric.Float64ObservableCounter, error) {
return Float64ObservableCounter{}, nil
}
// Float64ObservableUpDownCounter returns an ObservableUpDownCounter used to
// record int64 measurements that produces no telemetry.
-func (Meter) Float64ObservableUpDownCounter(string, ...metric.Float64ObservableUpDownCounterOption) (metric.Float64ObservableUpDownCounter, error) {
+func (Meter) Float64ObservableUpDownCounter(
+ string,
+ ...metric.Float64ObservableUpDownCounterOption,
+) (metric.Float64ObservableUpDownCounter, error) {
return Float64ObservableUpDownCounter{}, nil
}
// Float64ObservableGauge returns an ObservableGauge used to record int64
// measurements that produces no telemetry.
-func (Meter) Float64ObservableGauge(string, ...metric.Float64ObservableGaugeOption) (metric.Float64ObservableGauge, error) {
+func (Meter) Float64ObservableGauge(
+ string,
+ ...metric.Float64ObservableGaugeOption,
+) (metric.Float64ObservableGauge, error) {
return Float64ObservableGauge{}, nil
}
diff --git a/vendor/go.opentelemetry.io/otel/propagation/baggage.go b/vendor/go.opentelemetry.io/otel/propagation/baggage.go
index 552263ba73..ebda5026d6 100644
--- a/vendor/go.opentelemetry.io/otel/propagation/baggage.go
+++ b/vendor/go.opentelemetry.io/otel/propagation/baggage.go
@@ -28,7 +28,21 @@ func (b Baggage) Inject(ctx context.Context, carrier TextMapCarrier) {
}
// Extract returns a copy of parent with the baggage from the carrier added.
+// If carrier implements [ValuesGetter] (e.g. [HeaderCarrier]), Values is invoked
+// for multiple values extraction. Otherwise, Get is called.
func (b Baggage) Extract(parent context.Context, carrier TextMapCarrier) context.Context {
+ if multiCarrier, ok := carrier.(ValuesGetter); ok {
+ return extractMultiBaggage(parent, multiCarrier)
+ }
+ return extractSingleBaggage(parent, carrier)
+}
+
+// Fields returns the keys who's values are set with Inject.
+func (b Baggage) Fields() []string {
+ return []string{baggageHeader}
+}
+
+func extractSingleBaggage(parent context.Context, carrier TextMapCarrier) context.Context {
bStr := carrier.Get(baggageHeader)
if bStr == "" {
return parent
@@ -41,7 +55,23 @@ func (b Baggage) Extract(parent context.Context, carrier TextMapCarrier) context
return baggage.ContextWithBaggage(parent, bag)
}
-// Fields returns the keys who's values are set with Inject.
-func (b Baggage) Fields() []string {
- return []string{baggageHeader}
+func extractMultiBaggage(parent context.Context, carrier ValuesGetter) context.Context {
+ bVals := carrier.Values(baggageHeader)
+ if len(bVals) == 0 {
+ return parent
+ }
+ var members []baggage.Member
+ for _, bStr := range bVals {
+ currBag, err := baggage.Parse(bStr)
+ if err != nil {
+ continue
+ }
+ members = append(members, currBag.Members()...)
+ }
+
+ b, err := baggage.New(members...)
+ if err != nil || b.Len() == 0 {
+ return parent
+ }
+ return baggage.ContextWithBaggage(parent, b)
}
diff --git a/vendor/go.opentelemetry.io/otel/propagation/propagation.go b/vendor/go.opentelemetry.io/otel/propagation/propagation.go
index 8c8286aab4..5c8c26ea2e 100644
--- a/vendor/go.opentelemetry.io/otel/propagation/propagation.go
+++ b/vendor/go.opentelemetry.io/otel/propagation/propagation.go
@@ -9,6 +9,7 @@ import (
)
// TextMapCarrier is the storage medium used by a TextMapPropagator.
+// See ValuesGetter for how a TextMapCarrier can get multiple values for a key.
type TextMapCarrier interface {
// DO NOT CHANGE: any modification will not be backwards compatible and
// must never be done outside of a new major release.
@@ -29,6 +30,18 @@ type TextMapCarrier interface {
// must never be done outside of a new major release.
}
+// ValuesGetter can return multiple values for a single key,
+// with contrast to TextMapCarrier.Get which returns a single value.
+type ValuesGetter interface {
+ // DO NOT CHANGE: any modification will not be backwards compatible and
+ // must never be done outside of a new major release.
+
+ // Values returns all values associated with the passed key.
+ Values(key string) []string
+ // DO NOT CHANGE: any modification will not be backwards compatible and
+ // must never be done outside of a new major release.
+}
+
// MapCarrier is a TextMapCarrier that uses a map held in memory as a storage
// medium for propagated key-value pairs.
type MapCarrier map[string]string
@@ -55,14 +68,25 @@ func (c MapCarrier) Keys() []string {
return keys
}
-// HeaderCarrier adapts http.Header to satisfy the TextMapCarrier interface.
+// HeaderCarrier adapts http.Header to satisfy the TextMapCarrier and ValuesGetter interfaces.
type HeaderCarrier http.Header
-// Get returns the value associated with the passed key.
+// Compile time check that HeaderCarrier implements ValuesGetter.
+var _ TextMapCarrier = HeaderCarrier{}
+
+// Compile time check that HeaderCarrier implements TextMapCarrier.
+var _ ValuesGetter = HeaderCarrier{}
+
+// Get returns the first value associated with the passed key.
func (hc HeaderCarrier) Get(key string) string {
return http.Header(hc).Get(key)
}
+// Values returns all values associated with the passed key.
+func (hc HeaderCarrier) Values(key string) []string {
+ return http.Header(hc).Values(key)
+}
+
// Set stores the key-value pair.
func (hc HeaderCarrier) Set(key string, value string) {
http.Header(hc).Set(key, value)
@@ -89,6 +113,8 @@ type TextMapPropagator interface {
// must never be done outside of a new major release.
// Extract reads cross-cutting concerns from the carrier into a Context.
+ // Implementations may check if the carrier implements ValuesGetter,
+ // to support extraction of multiple values per key.
Extract(ctx context.Context, carrier TextMapCarrier) context.Context
// DO NOT CHANGE: any modification will not be backwards compatible and
// must never be done outside of a new major release.
diff --git a/vendor/go.opentelemetry.io/otel/renovate.json b/vendor/go.opentelemetry.io/otel/renovate.json
index a6fa353f95..fa5acf2d3b 100644
--- a/vendor/go.opentelemetry.io/otel/renovate.json
+++ b/vendor/go.opentelemetry.io/otel/renovate.json
@@ -1,7 +1,8 @@
{
"$schema": "https://docs.renovatebot.com/renovate-schema.json",
"extends": [
- "config:best-practices"
+ "config:best-practices",
+ "helpers:pinGitHubActionDigestsToSemver"
],
"ignorePaths": [],
"labels": ["Skip Changelog", "dependencies"],
@@ -25,6 +26,10 @@
{
"matchPackageNames": ["golang.org/x/**"],
"groupName": "golang.org/x"
+ },
+ {
+ "matchPackageNames": ["go.opentelemetry.io/otel/sdk/log/logtest"],
+ "enabled": false
}
]
}
diff --git a/vendor/go.opentelemetry.io/otel/trace/auto.go b/vendor/go.opentelemetry.io/otel/trace/auto.go
index 7e2910025a..d90af8f673 100644
--- a/vendor/go.opentelemetry.io/otel/trace/auto.go
+++ b/vendor/go.opentelemetry.io/otel/trace/auto.go
@@ -57,14 +57,15 @@ type autoTracer struct {
var _ Tracer = autoTracer{}
func (t autoTracer) Start(ctx context.Context, name string, opts ...SpanStartOption) (context.Context, Span) {
- var psc SpanContext
+ var psc, sc SpanContext
sampled := true
span := new(autoSpan)
// Ask eBPF for sampling decision and span context info.
- t.start(ctx, span, &psc, &sampled, &span.spanContext)
+ t.start(ctx, span, &psc, &sampled, &sc)
span.sampled.Store(sampled)
+ span.spanContext = sc
ctx = ContextWithSpan(ctx, span)
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go
index 3c5e1cdb1b..e7ca62c660 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/span.go
@@ -251,13 +251,20 @@ func (s *Span) UnmarshalJSON(data []byte) error {
type SpanFlags int32
const (
+ // SpanFlagsTraceFlagsMask is a mask for trace-flags.
+ //
// Bits 0-7 are used for trace flags.
SpanFlagsTraceFlagsMask SpanFlags = 255
- // Bits 8 and 9 are used to indicate that the parent span or link span is remote.
- // Bit 8 (`HAS_IS_REMOTE`) indicates whether the value is known.
- // Bit 9 (`IS_REMOTE`) indicates whether the span or link is remote.
+ // SpanFlagsContextHasIsRemoteMask is a mask for HAS_IS_REMOTE status.
+ //
+ // Bits 8 and 9 are used to indicate that the parent span or link span is
+ // remote. Bit 8 (`HAS_IS_REMOTE`) indicates whether the value is known.
SpanFlagsContextHasIsRemoteMask SpanFlags = 256
- // SpanFlagsContextHasIsRemoteMask indicates the Span is remote.
+ // SpanFlagsContextIsRemoteMask is a mask for IS_REMOTE status.
+ //
+ // Bits 8 and 9 are used to indicate that the parent span or link span is
+ // remote. Bit 9 (`IS_REMOTE`) indicates whether the span or link is
+ // remote.
SpanFlagsContextIsRemoteMask SpanFlags = 512
)
@@ -266,27 +273,31 @@ const (
type SpanKind int32
const (
- // Indicates that the span represents an internal operation within an application,
- // as opposed to an operation happening at the boundaries. Default value.
+ // SpanKindInternal indicates that the span represents an internal
+ // operation within an application, as opposed to an operation happening at
+ // the boundaries.
SpanKindInternal SpanKind = 1
- // Indicates that the span covers server-side handling of an RPC or other
- // remote network request.
+ // SpanKindServer indicates that the span covers server-side handling of an
+ // RPC or other remote network request.
SpanKindServer SpanKind = 2
- // Indicates that the span describes a request to some remote service.
+ // SpanKindClient indicates that the span describes a request to some
+ // remote service.
SpanKindClient SpanKind = 3
- // Indicates that the span describes a producer sending a message to a broker.
- // Unlike CLIENT and SERVER, there is often no direct critical path latency relationship
- // between producer and consumer spans. A PRODUCER span ends when the message was accepted
- // by the broker while the logical processing of the message might span a much longer time.
+ // SpanKindProducer indicates that the span describes a producer sending a
+ // message to a broker. Unlike SpanKindClient and SpanKindServer, there is
+ // often no direct critical path latency relationship between producer and
+ // consumer spans. A SpanKindProducer span ends when the message was
+ // accepted by the broker while the logical processing of the message might
+ // span a much longer time.
SpanKindProducer SpanKind = 4
- // Indicates that the span describes consumer receiving a message from a broker.
- // Like the PRODUCER kind, there is often no direct critical path latency relationship
- // between producer and consumer spans.
+ // SpanKindConsumer indicates that the span describes a consumer receiving
+ // a message from a broker. Like SpanKindProducer, there is often no direct
+ // critical path latency relationship between producer and consumer spans.
SpanKindConsumer SpanKind = 5
)
-// Event is a time-stamped annotation of the span, consisting of user-supplied
-// text description and key-value pairs.
+// SpanEvent is a time-stamped annotation of the span, consisting of
+// user-supplied text description and key-value pairs.
type SpanEvent struct {
// time_unix_nano is the time the event occurred.
Time time.Time `json:"timeUnixNano,omitempty"`
@@ -369,10 +380,11 @@ func (se *SpanEvent) UnmarshalJSON(data []byte) error {
return nil
}
-// A pointer from the current span to another span in the same trace or in a
-// different trace. For example, this can be used in batching operations,
-// where a single batch handler processes multiple requests from different
-// traces or when the handler receives a request from a different project.
+// SpanLink is a reference from the current span to another span in the same
+// trace or in a different trace. For example, this can be used in batching
+// operations, where a single batch handler processes multiple requests from
+// different traces or when the handler receives a request from a different
+// project.
type SpanLink struct {
// A unique identifier of a trace that this linked span is part of. The ID is a
// 16-byte array.
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go
index 1d013a8fa8..1039bf40cd 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/status.go
@@ -3,17 +3,19 @@
package telemetry // import "go.opentelemetry.io/otel/trace/internal/telemetry"
+// StatusCode is the status of a Span.
+//
// For the semantics of status codes see
// https://github.com/open-telemetry/opentelemetry-specification/blob/main/specification/trace/api.md#set-status
type StatusCode int32
const (
- // The default status.
+ // StatusCodeUnset is the default status.
StatusCodeUnset StatusCode = 0
- // The Span has been validated by an Application developer or Operator to
- // have completed successfully.
+ // StatusCodeOK is used when the Span has been validated by an Application
+ // developer or Operator to have completed successfully.
StatusCodeOK StatusCode = 1
- // The Span contains an error.
+ // StatusCodeError is used when the Span contains an error.
StatusCodeError StatusCode = 2
)
@@ -30,7 +32,7 @@ func (s StatusCode) String() string {
return ""
}
-// The Status type defines a logical error model that is suitable for different
+// Status defines a logical error model that is suitable for different
// programming environments, including REST APIs and RPC APIs.
type Status struct {
// A developer-facing human readable error message.
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go
index b039407081..e5f10767ca 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/traces.go
@@ -71,7 +71,7 @@ func (td *Traces) UnmarshalJSON(data []byte) error {
return nil
}
-// A collection of ScopeSpans from a Resource.
+// ResourceSpans is a collection of ScopeSpans from a Resource.
type ResourceSpans struct {
// The resource for the spans in this message.
// If this field is not set then no resource info is known.
@@ -128,7 +128,7 @@ func (rs *ResourceSpans) UnmarshalJSON(data []byte) error {
return nil
}
-// A collection of Spans produced by an InstrumentationScope.
+// ScopeSpans is a collection of Spans produced by an InstrumentationScope.
type ScopeSpans struct {
// The instrumentation scope information for the spans in this message.
// Semantically when InstrumentationScope isn't set, it is equivalent with
diff --git a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go
index 7251492da0..ae9ce102a9 100644
--- a/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go
+++ b/vendor/go.opentelemetry.io/otel/trace/internal/telemetry/value.go
@@ -316,7 +316,7 @@ func (v Value) String() string {
case ValueKindBool:
return strconv.FormatBool(v.asBool())
case ValueKindBytes:
- return fmt.Sprint(v.asBytes())
+ return string(v.asBytes())
case ValueKindMap:
return fmt.Sprint(v.asMap())
case ValueKindSlice:
diff --git a/vendor/go.opentelemetry.io/otel/trace/noop.go b/vendor/go.opentelemetry.io/otel/trace/noop.go
index c8b1ae5d67..0f56e4dbb3 100644
--- a/vendor/go.opentelemetry.io/otel/trace/noop.go
+++ b/vendor/go.opentelemetry.io/otel/trace/noop.go
@@ -95,6 +95,8 @@ var autoInstEnabled = new(bool)
// tracerProvider return a noopTracerProvider if autoEnabled is false,
// otherwise it will return a TracerProvider from the sdk package used in
// auto-instrumentation.
+//
+//go:noinline
func (noopSpan) tracerProvider(autoEnabled *bool) TracerProvider {
if *autoEnabled {
return newAutoTracerProvider()
diff --git a/vendor/go.opentelemetry.io/otel/verify_readmes.sh b/vendor/go.opentelemetry.io/otel/verify_readmes.sh
deleted file mode 100644
index 1e87855eea..0000000000
--- a/vendor/go.opentelemetry.io/otel/verify_readmes.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-# Copyright The OpenTelemetry Authors
-# SPDX-License-Identifier: Apache-2.0
-
-set -euo pipefail
-
-dirs=$(find . -type d -not -path "*/internal*" -not -path "*/test*" -not -path "*/example*" -not -path "*/.*" | sort)
-
-missingReadme=false
-for dir in $dirs; do
- if [ ! -f "$dir/README.md" ]; then
- echo "couldn't find README.md for $dir"
- missingReadme=true
- fi
-done
-
-if [ "$missingReadme" = true ] ; then
- echo "Error: some READMEs couldn't be found."
- exit 1
-fi
diff --git a/vendor/go.opentelemetry.io/otel/version.go b/vendor/go.opentelemetry.io/otel/version.go
index d5fa71f674..ac3c0b15da 100644
--- a/vendor/go.opentelemetry.io/otel/version.go
+++ b/vendor/go.opentelemetry.io/otel/version.go
@@ -5,5 +5,5 @@ package otel // import "go.opentelemetry.io/otel"
// Version is the current release version of OpenTelemetry in use.
func Version() string {
- return "1.35.0"
+ return "1.36.0"
}
diff --git a/vendor/go.opentelemetry.io/otel/versions.yaml b/vendor/go.opentelemetry.io/otel/versions.yaml
index 2b4cb4b418..79f82f3d05 100644
--- a/vendor/go.opentelemetry.io/otel/versions.yaml
+++ b/vendor/go.opentelemetry.io/otel/versions.yaml
@@ -3,7 +3,7 @@
module-sets:
stable-v1:
- version: v1.35.0
+ version: v1.36.0
modules:
- go.opentelemetry.io/otel
- go.opentelemetry.io/otel/bridge/opencensus
@@ -23,11 +23,11 @@ module-sets:
- go.opentelemetry.io/otel/sdk/metric
- go.opentelemetry.io/otel/trace
experimental-metrics:
- version: v0.57.0
+ version: v0.58.0
modules:
- go.opentelemetry.io/otel/exporters/prometheus
experimental-logs:
- version: v0.11.0
+ version: v0.12.0
modules:
- go.opentelemetry.io/otel/log
- go.opentelemetry.io/otel/sdk/log
@@ -40,4 +40,6 @@ module-sets:
- go.opentelemetry.io/otel/schema
excluded-modules:
- go.opentelemetry.io/otel/internal/tools
+ - go.opentelemetry.io/otel/log/logtest
+ - go.opentelemetry.io/otel/sdk/log/logtest
- go.opentelemetry.io/otel/trace/internal/telemetry/test
diff --git a/pkg/libartifact/artifact.go b/vendor/go.podman.io/common/pkg/libartifact/artifact.go
similarity index 94%
rename from pkg/libartifact/artifact.go
rename to vendor/go.podman.io/common/pkg/libartifact/artifact.go
index 48183b55d9..2d5934c09d 100644
--- a/pkg/libartifact/artifact.go
+++ b/vendor/go.podman.io/common/pkg/libartifact/artifact.go
@@ -5,8 +5,8 @@ import (
"fmt"
"strings"
- "github.com/containers/podman/v5/pkg/libartifact/types"
"github.com/opencontainers/go-digest"
+ "go.podman.io/common/pkg/libartifact/types"
"go.podman.io/image/v5/manifest"
)
@@ -17,7 +17,7 @@ type Artifact struct {
Name string
}
-// TotalSizeBytes returns the total bytes of the all the artifact layers
+// TotalSizeBytes returns the total bytes of the all the artifact layers.
func (a *Artifact) TotalSizeBytes() int64 {
var s int64
for _, layer := range a.Manifest.Layers {
@@ -26,7 +26,7 @@ func (a *Artifact) TotalSizeBytes() int64 {
return s
}
-// GetName returns the "name" or "image reference" of the artifact
+// GetName returns the "name" or "image reference" of the artifact.
func (a *Artifact) GetName() (string, error) {
if a.Name != "" {
return a.Name, nil
@@ -39,7 +39,7 @@ func (a *Artifact) GetName() (string, error) {
// SetName is a accessor for setting the artifact name
// Note: long term this may not be needed, and we would
// be comfortable with simply using the exported field
-// called Name
+// called Name.
func (a *Artifact) SetName(name string) {
a.Name = name
}
@@ -56,7 +56,7 @@ func (a *Artifact) GetDigest() (*digest.Digest, error) {
type ArtifactList []*Artifact
// GetByNameOrDigest returns an artifact, if present, by a given name
-// Returns an error if not found
+// Returns an error if not found.
func (al ArtifactList) GetByNameOrDigest(nameOrDigest string) (*Artifact, bool, error) {
// This is the hot route through
for _, artifact := range al {
diff --git a/pkg/libartifact/store/config.go b/vendor/go.podman.io/common/pkg/libartifact/store/config.go
similarity index 95%
rename from pkg/libartifact/store/config.go
rename to vendor/go.podman.io/common/pkg/libartifact/store/config.go
index 6a0bb68bc1..cd3be2ffd6 100644
--- a/pkg/libartifact/store/config.go
+++ b/vendor/go.podman.io/common/pkg/libartifact/store/config.go
@@ -11,7 +11,7 @@ import (
)
// unparsedArtifactImage is an interface based on the UnParsedImage and
-// is used only for the commit of the manifest
+// is used only for the commit of the manifest.
type unparsedArtifactImage struct {
ir types.ImageReference
mannyfest specV1.Manifest
diff --git a/pkg/libartifact/store/store.go b/vendor/go.podman.io/common/pkg/libartifact/store/store.go
similarity index 94%
rename from pkg/libartifact/store/store.go
rename to vendor/go.podman.io/common/pkg/libartifact/store/store.go
index a9d1a0a651..54dd75eca4 100644
--- a/pkg/libartifact/store/store.go
+++ b/vendor/go.podman.io/common/pkg/libartifact/store/store.go
@@ -18,14 +18,13 @@ import (
"strings"
"time"
- "github.com/containers/podman/v5/pkg/domain/entities"
- "github.com/containers/podman/v5/pkg/libartifact"
- libartTypes "github.com/containers/podman/v5/pkg/libartifact/types"
"github.com/opencontainers/go-digest"
"github.com/opencontainers/image-spec/specs-go"
specV1 "github.com/opencontainers/image-spec/specs-go/v1"
"github.com/sirupsen/logrus"
"go.podman.io/common/libimage"
+ "go.podman.io/common/pkg/libartifact"
+ libartTypes "go.podman.io/common/pkg/libartifact/types"
"go.podman.io/image/v5/image"
"go.podman.io/image/v5/manifest"
"go.podman.io/image/v5/oci/layout"
@@ -36,9 +35,7 @@ import (
"go.podman.io/storage/pkg/lockfile"
)
-var (
- ErrEmptyArtifactName = errors.New("artifact name cannot be empty")
-)
+var ErrEmptyArtifactName = errors.New("artifact name cannot be empty")
const ManifestSchemaVersion = 2
@@ -67,7 +64,7 @@ func NewArtifactStore(storePath string, sc *types.SystemContext) (*ArtifactStore
// if the storage dir does not exist, we need to create it.
baseDir := filepath.Dir(artifactStore.indexPath())
- if err := os.MkdirAll(baseDir, 0700); err != nil {
+ if err := os.MkdirAll(baseDir, 0o700); err != nil {
return nil, err
}
// Open the lockfile, creating if necessary
@@ -86,7 +83,7 @@ func NewArtifactStore(storePath string, sc *types.SystemContext) (*ArtifactStore
return artifactStore, nil
}
-// Remove an artifact from the local artifact store
+// Remove an artifact from the local artifact store.
func (as ArtifactStore) Remove(ctx context.Context, name string) (*digest.Digest, error) {
if len(name) == 0 {
return nil, ErrEmptyArtifactName
@@ -119,7 +116,7 @@ func (as ArtifactStore) Remove(ctx context.Context, name string) (*digest.Digest
return artifactDigest, ir.DeleteImage(ctx, as.SystemContext)
}
-// Inspect an artifact in a local store
+// Inspect an artifact in a local store.
func (as ArtifactStore) Inspect(ctx context.Context, nameOrDigest string) (*libartifact.Artifact, error) {
if len(nameOrDigest) == 0 {
return nil, ErrEmptyArtifactName
@@ -136,7 +133,7 @@ func (as ArtifactStore) Inspect(ctx context.Context, nameOrDigest string) (*liba
return inspectData, err
}
-// List artifacts in the local store
+// List artifacts in the local store.
func (as ArtifactStore) List(ctx context.Context) (libartifact.ArtifactList, error) {
as.lock.RLock()
defer as.lock.Unlock()
@@ -144,12 +141,12 @@ func (as ArtifactStore) List(ctx context.Context) (libartifact.ArtifactList, err
return as.getArtifacts(ctx, nil)
}
-// Pull an artifact from an image registry to a local store
+// Pull an artifact from an image registry to a local store.
func (as ArtifactStore) Pull(ctx context.Context, name string, opts libimage.CopyOptions) (digest.Digest, error) {
if len(name) == 0 {
return "", ErrEmptyArtifactName
}
- srcRef, err := alltransports.ParseImageName(fmt.Sprintf("docker://%s", name))
+ srcRef, err := alltransports.ParseImageName("docker://" + name)
if err != nil {
return "", err
}
@@ -176,12 +173,12 @@ func (as ArtifactStore) Pull(ctx context.Context, name string, opts libimage.Cop
return digest.FromBytes(artifactBytes), nil
}
-// Push an artifact to an image registry
+// Push an artifact to an image registry.
func (as ArtifactStore) Push(ctx context.Context, src, dest string, opts libimage.CopyOptions) (digest.Digest, error) {
if len(dest) == 0 {
return "", ErrEmptyArtifactName
}
- destRef, err := alltransports.ParseImageName(fmt.Sprintf("docker://%s", dest))
+ destRef, err := alltransports.ParseImageName("docker://" + dest)
if err != nil {
return "", err
}
@@ -212,7 +209,7 @@ func (as ArtifactStore) Push(ctx context.Context, src, dest string, opts libimag
// Add takes one or more artifact blobs and add them to the local artifact store. The empty
// string input is for possible custom artifact types.
-func (as ArtifactStore) Add(ctx context.Context, dest string, artifactBlobs []entities.ArtifactBlob, options *libartTypes.AddOptions) (*digest.Digest, error) {
+func (as ArtifactStore) Add(ctx context.Context, dest string, artifactBlobs []libartTypes.ArtifactBlob, options *libartTypes.AddOptions) (*digest.Digest, error) {
if len(dest) == 0 {
return nil, ErrEmptyArtifactName
}
@@ -316,7 +313,7 @@ func (as ArtifactStore) Add(ctx context.Context, dest string, artifactBlobs []en
// This works for the oci/layout transport we hard-code.
for _, artifactBlob := range artifactBlobs {
if artifactBlob.BlobFilePath == "" && artifactBlob.BlobReader == nil || artifactBlob.BlobFilePath != "" && artifactBlob.BlobReader != nil {
- return nil, fmt.Errorf("Artifact.BlobFile or Artifact.BlobReader must be provided")
+ return nil, errors.New("Artifact.BlobFile or Artifact.BlobReader must be provided")
}
annotations := maps.Clone(options.Annotations)
@@ -426,7 +423,7 @@ func getArtifactAndImageSource(ctx context.Context, as ArtifactStore, nameOrDige
}
if len(arty.Manifest.Layers) == 0 {
- return nil, nil, fmt.Errorf("the artifact has no blobs, nothing to extract")
+ return nil, nil, errors.New("the artifact has no blobs, nothing to extract")
}
ir, err := layout.NewReference(as.storePath, name)
@@ -489,7 +486,7 @@ func (as ArtifactStore) BlobMountPaths(ctx context.Context, nameOrDigest string,
return mountPaths, nil
}
-// Extract an artifact to local file or directory
+// Extract an artifact to local file or directory.
func (as ArtifactStore) Extract(ctx context.Context, nameOrDigest string, target string, options *libartTypes.ExtractOptions) error {
arty, imgSrc, err := getArtifactAndImageSource(ctx, as, nameOrDigest, &options.FilterBlobOptions)
if err != nil {
@@ -556,7 +553,7 @@ func (as ArtifactStore) Extract(ctx context.Context, nameOrDigest string, target
return nil
}
-// Extract an artifact to tar stream
+// Extract an artifact to tar stream.
func (as ArtifactStore) ExtractTarStream(ctx context.Context, w io.Writer, nameOrDigest string, options *libartTypes.ExtractOptions) error {
if options == nil {
options = &libartTypes.ExtractOptions{}
@@ -653,7 +650,7 @@ func generateArtifactBlobName(title string, digest digest.Digest) (string, error
// the user did not intend. As there is no use for directories in this path we
// disallow all of them and not try to "make it safe" via securejoin or others.
// We must use os.IsPathSeparator() as on Windows it checks both "\\" and "/".
- for i := 0; i < len(filename); i++ {
+ for i := range len(filename) {
if os.IsPathSeparator(filename[i]) {
return "", fmt.Errorf("invalid name: %q cannot contain %c: %w", filename, filename[i], libartTypes.ErrArtifactBlobTitleInvalid)
}
@@ -727,14 +724,14 @@ func copyTrustedImageBlobToTarStream(ctx context.Context, imgSrc types.ImageSour
defer src.Close()
if srcSize == -1 {
- return fmt.Errorf("internal error: oci layout image is missing blob size")
+ return errors.New("internal error: oci layout image is missing blob size")
}
// Note: We can't assume imgSrc will return an *os.File so we must generate the tar header
now := time.Now()
header := tar.Header{
Name: filename,
- Mode: 0600,
+ Mode: 600,
Size: srcSize,
ModTime: now,
ChangeTime: now,
@@ -829,7 +826,7 @@ func createEmptyStanza(path string) error {
if err := fileutils.Exists(path); err == nil {
return nil
}
- return os.WriteFile(path, specV1.DescriptorEmptyJSON.Data, 0644)
+ return os.WriteFile(path, specV1.DescriptorEmptyJSON.Data, 0o644)
}
// determineBlobMIMEType reads up to 512 bytes into a buffer
@@ -840,9 +837,9 @@ func createEmptyStanza(path string) error {
// Either an io.Reader or *os.File can be provided, if an io.Reader
// is provided, a new io.Reader will be returned to be used for
// subsequent reads.
-func determineBlobMIMEType(ab entities.ArtifactBlob) (io.Reader, string, error) {
+func determineBlobMIMEType(ab libartTypes.ArtifactBlob) (io.Reader, string, error) {
if ab.BlobFilePath == "" && ab.BlobReader == nil || ab.BlobFilePath != "" && ab.BlobReader != nil {
- return nil, "", fmt.Errorf("Artifact.BlobFile or Artifact.BlobReader must be provided")
+ return nil, "", errors.New("Artifact.BlobFile or Artifact.BlobReader must be provided")
}
var (
diff --git a/pkg/libartifact/types/config.go b/vendor/go.podman.io/common/pkg/libartifact/types/config.go
similarity index 87%
rename from pkg/libartifact/types/config.go
rename to vendor/go.podman.io/common/pkg/libartifact/types/config.go
index 6980f631b3..49553cfff2 100644
--- a/pkg/libartifact/types/config.go
+++ b/vendor/go.podman.io/common/pkg/libartifact/types/config.go
@@ -1,10 +1,12 @@
package types
+import "io"
+
// GetArtifactOptions is a struct containing options that for obtaining artifacts.
-// It is meant for future growth or changes required without wacking the API
+// It is meant for future growth or changes required without wacking the API.
type GetArtifactOptions struct{}
-// AddOptions are additional descriptors of an artifact file
+// AddOptions are additional descriptors of an artifact file.
type AddOptions struct {
Annotations map[string]string `json:"annotations,omitempty"`
ArtifactMIMEType string `json:",omitempty"`
@@ -17,7 +19,7 @@ type AddOptions struct {
Replace bool `json:",omitempty"`
}
-// FilterBlobOptions options used to filter for a single blob in an artifact
+// FilterBlobOptions options used to filter for a single blob in an artifact.
type FilterBlobOptions struct {
// Title annotation value to extract only a single blob matching that name.
// Optional. Conflicts with Digest.
@@ -39,10 +41,16 @@ type BlobMountPathOptions struct {
FilterBlobOptions
}
-// BlobMountPath contains the info on how the artifact must be mounted
+// BlobMountPath contains the info on how the artifact must be mounted.
type BlobMountPath struct {
// Source path of the blob, i.e. full path in the blob dir.
SourcePath string
// Name of the file in the container.
Name string
}
+
+type ArtifactBlob struct {
+ BlobReader io.Reader
+ BlobFilePath string
+ FileName string
+}
diff --git a/pkg/libartifact/types/errors.go b/vendor/go.podman.io/common/pkg/libartifact/types/errors.go
similarity index 100%
rename from pkg/libartifact/types/errors.go
rename to vendor/go.podman.io/common/pkg/libartifact/types/errors.go
diff --git a/vendor/go.podman.io/common/pkg/report/formatter.go b/vendor/go.podman.io/common/pkg/report/formatter.go
index e05e9762f4..b6fab91e62 100644
--- a/vendor/go.podman.io/common/pkg/report/formatter.go
+++ b/vendor/go.podman.io/common/pkg/report/formatter.go
@@ -17,7 +17,9 @@ type Flusher interface {
type NopFlusher struct{}
// Flush is a nop operation.
-func (f *NopFlusher) Flush() (err error) { return }
+func (f *NopFlusher) Flush() error {
+ return nil
+}
type Origin int
diff --git a/vendor/go.podman.io/common/pkg/ssh/utils.go b/vendor/go.podman.io/common/pkg/ssh/utils.go
index 94b457173e..8f8b2755b0 100644
--- a/vendor/go.podman.io/common/pkg/ssh/utils.go
+++ b/vendor/go.podman.io/common/pkg/ssh/utils.go
@@ -67,7 +67,7 @@ func ReadPassword(prompt string) (pw []byte, err error) {
fmt.Fprint(os.Stderr, prompt)
pw, err = term.ReadPassword(fd)
fmt.Fprintln(os.Stderr)
- return
+ return pw, err
}
var b [1]byte
diff --git a/vendor/go.podman.io/image/v5/copy/compression.go b/vendor/go.podman.io/image/v5/copy/compression.go
index 0ecc851866..e3e5230292 100644
--- a/vendor/go.podman.io/image/v5/copy/compression.go
+++ b/vendor/go.podman.io/image/v5/copy/compression.go
@@ -27,9 +27,10 @@ var (
// expectedBaseCompressionFormats is used to check if a blob with a specified media type is compressed
// using the algorithm that the media type says it should be compressed with
expectedBaseCompressionFormats = map[string]*compressiontypes.Algorithm{
- imgspecv1.MediaTypeImageLayerGzip: &compression.Gzip,
- imgspecv1.MediaTypeImageLayerZstd: &compression.Zstd,
- manifest.DockerV2Schema2LayerMediaType: &compression.Gzip,
+ imgspecv1.MediaTypeImageLayerGzip: &compression.Gzip,
+ imgspecv1.MediaTypeImageLayerZstd: &compression.Zstd,
+ manifest.DockerV2Schema2LayerMediaType: &compression.Gzip,
+ manifest.DockerV2SchemaLayerMediaTypeZstd: &compression.Zstd,
}
)
diff --git a/vendor/go.podman.io/image/v5/docker/docker_client.go b/vendor/go.podman.io/image/v5/docker/docker_client.go
index a83e19a36a..1c0d67105e 100644
--- a/vendor/go.podman.io/image/v5/docker/docker_client.go
+++ b/vendor/go.podman.io/image/v5/docker/docker_client.go
@@ -1066,6 +1066,8 @@ func (c *dockerClient) getBlob(ctx context.Context, ref dockerReference, info ty
cache.RecordKnownLocation(ref.Transport(), bicTransportScope(ref), info.Digest, newBICLocationReference(ref))
blobSize, err := getBlobSize(res)
if err != nil {
+ // See above, we don't guarantee returning a size
+ logrus.Debugf("failed to get blob size: %v", err)
blobSize = -1
}
diff --git a/vendor/go.podman.io/image/v5/internal/image/docker_schema2.go b/vendor/go.podman.io/image/v5/internal/image/docker_schema2.go
index 9305524a08..1586d67900 100644
--- a/vendor/go.podman.io/image/v5/internal/image/docker_schema2.go
+++ b/vendor/go.podman.io/image/v5/internal/image/docker_schema2.go
@@ -233,6 +233,8 @@ func (m *manifestSchema2) convertToManifestOCI1(ctx context.Context, _ *types.Ma
layers[idx].MediaType = imgspecv1.MediaTypeImageLayer
case manifest.DockerV2Schema2LayerMediaType:
layers[idx].MediaType = imgspecv1.MediaTypeImageLayerGzip
+ case manifest.DockerV2SchemaLayerMediaTypeZstd:
+ layers[idx].MediaType = imgspecv1.MediaTypeImageLayerZstd
default:
return nil, fmt.Errorf("Unknown media type during manifest conversion: %q", m.m.LayersDescriptors[idx].MediaType)
}
diff --git a/vendor/go.podman.io/image/v5/internal/image/oci.go b/vendor/go.podman.io/image/v5/internal/image/oci.go
index 8b73b91ffa..56a1a6d64e 100644
--- a/vendor/go.podman.io/image/v5/internal/image/oci.go
+++ b/vendor/go.podman.io/image/v5/internal/image/oci.go
@@ -288,7 +288,7 @@ func (m *manifestOCI1) convertToManifestSchema2(_ context.Context, options *type
case imgspecv1.MediaTypeImageLayerGzip:
layers[idx].MediaType = manifest.DockerV2Schema2LayerMediaType
case imgspecv1.MediaTypeImageLayerZstd:
- return nil, fmt.Errorf("Error during manifest conversion: %q: zstd compression is not supported for docker images", layers[idx].MediaType)
+ return nil, fmt.Errorf("Error during manifest conversion: %q: zstd compression is not officially supported for docker images", layers[idx].MediaType)
case ociencspec.MediaTypeLayerEnc, ociencspec.MediaTypeLayerGzipEnc, ociencspec.MediaTypeLayerZstdEnc,
ociencspec.MediaTypeLayerNonDistributableEnc, ociencspec.MediaTypeLayerNonDistributableGzipEnc, ociencspec.MediaTypeLayerNonDistributableZstdEnc:
return nil, fmt.Errorf("during manifest conversion: encrypted layers (%q) are not supported in docker images", layers[idx].MediaType)
diff --git a/vendor/go.podman.io/image/v5/internal/manifest/manifest.go b/vendor/go.podman.io/image/v5/internal/manifest/manifest.go
index 7dfe77844e..687b37fb07 100644
--- a/vendor/go.podman.io/image/v5/internal/manifest/manifest.go
+++ b/vendor/go.podman.io/image/v5/internal/manifest/manifest.go
@@ -26,6 +26,8 @@ const (
DockerV2Schema2LayerMediaType = "application/vnd.docker.image.rootfs.diff.tar.gzip"
// DockerV2SchemaLayerMediaTypeUncompressed is the mediaType used for uncompressed layers.
DockerV2SchemaLayerMediaTypeUncompressed = "application/vnd.docker.image.rootfs.diff.tar"
+ // DockerV2Schema2LayerMediaType is the MIME type used for schema 2 layers.
+ DockerV2SchemaLayerMediaTypeZstd = "application/vnd.docker.image.rootfs.diff.tar.zstd"
// DockerV2ListMediaType MIME type represents Docker manifest schema 2 list
DockerV2ListMediaType = "application/vnd.docker.distribution.manifest.list.v2+json"
// DockerV2Schema2ForeignLayerMediaType is the MIME type used for schema 2 foreign layers.
diff --git a/vendor/go.podman.io/image/v5/manifest/manifest.go b/vendor/go.podman.io/image/v5/manifest/manifest.go
index 45118fa4e1..ed489a5a6c 100644
--- a/vendor/go.podman.io/image/v5/manifest/manifest.go
+++ b/vendor/go.podman.io/image/v5/manifest/manifest.go
@@ -26,6 +26,9 @@ const (
DockerV2Schema2LayerMediaType = manifest.DockerV2Schema2LayerMediaType
// DockerV2SchemaLayerMediaTypeUncompressed is the mediaType used for uncompressed layers.
DockerV2SchemaLayerMediaTypeUncompressed = manifest.DockerV2SchemaLayerMediaTypeUncompressed
+ // DockerV2SchemaLayerMediaTypeZstd is the mediaType used for zstd layers.
+ // Warning: This mediaType is not officially supported in https://github.com/distribution/distribution/blob/main/docs/content/spec/manifest-v2-2.md but some images may exhibit it. Support is partial.
+ DockerV2SchemaLayerMediaTypeZstd = manifest.DockerV2SchemaLayerMediaTypeZstd
// DockerV2ListMediaType MIME type represents Docker manifest schema 2 list
DockerV2ListMediaType = manifest.DockerV2ListMediaType
// DockerV2Schema2ForeignLayerMediaType is the MIME type used for schema 2 foreign layers.
@@ -41,7 +44,7 @@ type NonImageArtifactError = manifest.NonImageArtifactError
// SupportedSchema2MediaType checks if the specified string is a supported Docker v2s2 media type.
func SupportedSchema2MediaType(m string) error {
switch m {
- case DockerV2ListMediaType, DockerV2Schema1MediaType, DockerV2Schema1SignedMediaType, DockerV2Schema2ConfigMediaType, DockerV2Schema2ForeignLayerMediaType, DockerV2Schema2ForeignLayerMediaTypeGzip, DockerV2Schema2LayerMediaType, DockerV2Schema2MediaType, DockerV2SchemaLayerMediaTypeUncompressed:
+ case DockerV2ListMediaType, DockerV2Schema1MediaType, DockerV2Schema1SignedMediaType, DockerV2Schema2ConfigMediaType, DockerV2Schema2ForeignLayerMediaType, DockerV2Schema2ForeignLayerMediaTypeGzip, DockerV2Schema2LayerMediaType, DockerV2Schema2MediaType, DockerV2SchemaLayerMediaTypeUncompressed, DockerV2SchemaLayerMediaTypeZstd:
return nil
default:
return fmt.Errorf("unsupported docker v2s2 media type: %q", m)
diff --git a/vendor/go.podman.io/image/v5/openshift/openshift-copies.go b/vendor/go.podman.io/image/v5/openshift/openshift-copies.go
index 1180d2dc8e..2799038644 100644
--- a/vendor/go.podman.io/image/v5/openshift/openshift-copies.go
+++ b/vendor/go.podman.io/image/v5/openshift/openshift-copies.go
@@ -843,10 +843,9 @@ func transportNew(config *restConfig) (http.RoundTripper, error) {
func newProxierWithNoProxyCIDR(delegate func(req *http.Request) (*url.URL, error)) func(req *http.Request) (*url.URL, error) {
// we wrap the default method, so we only need to perform our check if the NO_PROXY envvar has a CIDR in it
noProxyEnv := os.Getenv("NO_PROXY")
- noProxyRules := strings.Split(noProxyEnv, ",")
cidrs := []netip.Prefix{}
- for _, noProxyRule := range noProxyRules {
+ for noProxyRule := range strings.SplitSeq(noProxyEnv, ",") {
prefix, err := netip.ParsePrefix(noProxyRule)
if err == nil {
cidrs = append(cidrs, prefix)
diff --git a/vendor/go.podman.io/image/v5/storage/storage_dest.go b/vendor/go.podman.io/image/v5/storage/storage_dest.go
index 7ea6cd0531..5909570007 100644
--- a/vendor/go.podman.io/image/v5/storage/storage_dest.go
+++ b/vendor/go.podman.io/image/v5/storage/storage_dest.go
@@ -1122,7 +1122,7 @@ func (s *storageImageDestination) createNewLayer(index int, trusted trustedLayer
}
}
- flags := make(map[string]interface{})
+ flags := make(map[string]any)
if untrustedUncompressedDigest != "" {
flags[expectedLayerDiffIDFlag] = untrustedUncompressedDigest.String()
logrus.Debugf("Setting uncompressed digest to %q for layer %q", untrustedUncompressedDigest, newLayerID)
diff --git a/vendor/go.podman.io/image/v5/storage/storage_src.go b/vendor/go.podman.io/image/v5/storage/storage_src.go
index d48381b59d..e76b9ceb03 100644
--- a/vendor/go.podman.io/image/v5/storage/storage_src.go
+++ b/vendor/go.podman.io/image/v5/storage/storage_src.go
@@ -9,6 +9,7 @@ import (
"errors"
"fmt"
"io"
+ "maps"
"os"
"slices"
"sync"
@@ -26,6 +27,7 @@ import (
"go.podman.io/image/v5/types"
"go.podman.io/storage"
"go.podman.io/storage/pkg/archive"
+ "go.podman.io/storage/pkg/chunked/toc"
"go.podman.io/storage/pkg/ioutils"
)
@@ -295,14 +297,17 @@ func (s *storageImageSource) LayerInfosForCopy(ctx context.Context, instanceDige
}
uncompressedLayerType := ""
+ gzipCompressedLayerType := ""
switch manifestType {
case imgspecv1.MediaTypeImageManifest:
uncompressedLayerType = imgspecv1.MediaTypeImageLayer
+ gzipCompressedLayerType = imgspecv1.MediaTypeImageLayerGzip
case manifest.DockerV2Schema1MediaType, manifest.DockerV2Schema1SignedMediaType, manifest.DockerV2Schema2MediaType:
uncompressedLayerType = manifest.DockerV2SchemaLayerMediaTypeUncompressed
+ gzipCompressedLayerType = manifest.DockerV2Schema2LayerMediaType
}
- physicalBlobInfos := []types.BlobInfo{} // Built reversed
+ physicalBlobInfos := []layerForCopy{} // Built reversed
layerID := s.image.TopLayer
for layerID != "" {
layer, err := s.imageRef.transport.store.Layer(layerID)
@@ -337,44 +342,69 @@ func (s *storageImageSource) LayerInfosForCopy(ctx context.Context, instanceDige
s.getBlobMutex.Lock()
s.getBlobMutexProtected.digestToLayerID[blobDigest] = layer.ID
s.getBlobMutex.Unlock()
- blobInfo := types.BlobInfo{
- Digest: blobDigest,
- Size: size,
- MediaType: uncompressedLayerType,
+ layerInfo := layerForCopy{
+ digest: blobDigest,
+ size: size,
+ mediaType: uncompressedLayerType,
}
- physicalBlobInfos = append(physicalBlobInfos, blobInfo)
+ physicalBlobInfos = append(physicalBlobInfos, layerInfo)
layerID = layer.Parent
}
slices.Reverse(physicalBlobInfos)
- res, err := buildLayerInfosForCopy(man.LayerInfos(), physicalBlobInfos)
+ res, err := buildLayerInfosForCopy(man.LayerInfos(), physicalBlobInfos, gzipCompressedLayerType)
if err != nil {
return nil, fmt.Errorf("creating LayerInfosForCopy of image %q: %w", s.image.ID, err)
}
return res, nil
}
+// layerForCopy is information about a physical layer, an edit to be made by buildLayerInfosForCopy.
+type layerForCopy struct {
+ digest digest.Digest
+ size int64
+ mediaType string
+}
+
// buildLayerInfosForCopy builds a LayerInfosForCopy return value based on manifestInfos from the original manifest,
// but using layer data which we can actually produce — physicalInfos for non-empty layers,
-// and image.GzippedEmptyLayer for empty ones.
+// and image.GzippedEmptyLayer with gzipCompressedLayerType for empty ones.
// (This is split basically only to allow easily unit-testing the part that has no dependencies on the external environment.)
-func buildLayerInfosForCopy(manifestInfos []manifest.LayerInfo, physicalInfos []types.BlobInfo) ([]types.BlobInfo, error) {
+func buildLayerInfosForCopy(manifestInfos []manifest.LayerInfo, physicalInfos []layerForCopy, gzipCompressedLayerType string) ([]types.BlobInfo, error) {
nextPhysical := 0
res := make([]types.BlobInfo, len(manifestInfos))
for i, mi := range manifestInfos {
if mi.EmptyLayer {
res[i] = types.BlobInfo{
- Digest: image.GzippedEmptyLayerDigest,
- Size: int64(len(image.GzippedEmptyLayer)),
- MediaType: mi.MediaType,
+ Digest: image.GzippedEmptyLayerDigest,
+ Size: int64(len(image.GzippedEmptyLayer)),
+ URLs: mi.URLs,
+ Annotations: mi.Annotations,
+ MediaType: gzipCompressedLayerType,
}
} else {
if nextPhysical >= len(physicalInfos) {
return nil, fmt.Errorf("expected more than %d physical layers to exist", len(physicalInfos))
}
- res[i] = physicalInfos[nextPhysical] // FIXME? Should we preserve more data in manifestInfos? Notably the current approach correctly removes zstd:chunked metadata annotations.
+ res[i] = types.BlobInfo{
+ Digest: physicalInfos[nextPhysical].digest,
+ Size: physicalInfos[nextPhysical].size,
+ URLs: mi.URLs,
+ Annotations: mi.Annotations,
+ MediaType: physicalInfos[nextPhysical].mediaType,
+ }
nextPhysical++
}
+ // We have changed the compression format, so strip compression-related annotations.
+ if res[i].Annotations != nil {
+ maps.DeleteFunc(res[i].Annotations, func(key string, _ string) bool {
+ _, ok := toc.ChunkedAnnotations[key]
+ return ok
+ })
+ if len(res[i].Annotations) == 0 {
+ res[i].Annotations = nil
+ }
+ }
}
if nextPhysical != len(physicalInfos) {
return nil, fmt.Errorf("used only %d out of %d physical layers", nextPhysical, len(physicalInfos))
diff --git a/vendor/go.podman.io/image/v5/version/version.go b/vendor/go.podman.io/image/v5/version/version.go
index e577735ee1..ac62a17cec 100644
--- a/vendor/go.podman.io/image/v5/version/version.go
+++ b/vendor/go.podman.io/image/v5/version/version.go
@@ -6,12 +6,12 @@ const (
// VersionMajor is for an API incompatible changes
VersionMajor = 5
// VersionMinor is for functionality in a backwards-compatible manner
- VersionMinor = 37
+ VersionMinor = 38
// VersionPatch is for backwards-compatible bug fixes
VersionPatch = 0
// VersionDev indicates development branch. Releases will be empty string.
- VersionDev = ""
+ VersionDev = "-dev"
)
// Version is the specification version that the package types support.
diff --git a/vendor/go.podman.io/storage/VERSION b/vendor/go.podman.io/storage/VERSION
index 4d5fde5bd1..8a37c6cd9c 100644
--- a/vendor/go.podman.io/storage/VERSION
+++ b/vendor/go.podman.io/storage/VERSION
@@ -1 +1 @@
-1.60.0
+1.61.0-dev
diff --git a/vendor/go.podman.io/storage/check.go b/vendor/go.podman.io/storage/check.go
index f0902dfced..3fb648d8c1 100644
--- a/vendor/go.podman.io/storage/check.go
+++ b/vendor/go.podman.io/storage/check.go
@@ -989,15 +989,15 @@ func (c *checkDirectory) add(path string, typeflag byte, uid, gid int, size int6
// remove removes an item from a checkDirectory
func (c *checkDirectory) remove(path string) {
- components := strings.Split(path, "/")
- if len(components) == 1 {
- delete(c.directory, components[0])
- delete(c.file, components[0])
+ parent, rest, ok := strings.Cut(path, "/")
+ if !ok {
+ delete(c.directory, parent)
+ delete(c.file, parent)
return
}
- subdirectory := c.directory[components[0]]
+ subdirectory := c.directory[parent]
if subdirectory != nil {
- subdirectory.remove(strings.Join(components[1:], "/"))
+ subdirectory.remove(rest)
}
}
@@ -1019,7 +1019,7 @@ func (c *checkDirectory) header(hdr *tar.Header) {
// root directory of the archive, which is not always the
// same as being relative to hdr.Name
directory := c
- for _, component := range strings.Split(path.Clean(hdr.Linkname), "/") {
+ for component := range strings.SplitSeq(path.Clean(hdr.Linkname), "/") {
if component == "." || component == ".." {
continue
}
diff --git a/vendor/go.podman.io/storage/drivers/aufs/aufs.go b/vendor/go.podman.io/storage/drivers/aufs/aufs.go
deleted file mode 100644
index b3eb33730a..0000000000
--- a/vendor/go.podman.io/storage/drivers/aufs/aufs.go
+++ /dev/null
@@ -1,795 +0,0 @@
-//go:build linux
-
-/*
-
-aufs driver directory structure
-
- .
- ├── layers // Metadata of layers
- │ ├── 1
- │ ├── 2
- │ └── 3
- ├── diff // Content of the layer
- │ ├── 1 // Contains layers that need to be mounted for the id
- │ ├── 2
- │ └── 3
- └── mnt // Mount points for the rw layers to be mounted
- ├── 1
- ├── 2
- └── 3
-
-*/
-
-package aufs
-
-import (
- "bufio"
- "errors"
- "fmt"
- "io"
- "io/fs"
- "os"
- "path"
- "path/filepath"
- "strings"
- "sync"
- "time"
-
- "github.com/opencontainers/selinux/go-selinux/label"
- "github.com/sirupsen/logrus"
- "github.com/vbatts/tar-split/tar/storage"
- graphdriver "go.podman.io/storage/drivers"
- "go.podman.io/storage/internal/tempdir"
- "go.podman.io/storage/pkg/archive"
- "go.podman.io/storage/pkg/chrootarchive"
- "go.podman.io/storage/pkg/directory"
- "go.podman.io/storage/pkg/fileutils"
- "go.podman.io/storage/pkg/idtools"
- "go.podman.io/storage/pkg/locker"
- mountpk "go.podman.io/storage/pkg/mount"
- "go.podman.io/storage/pkg/parsers"
- "go.podman.io/storage/pkg/system"
- "go.podman.io/storage/pkg/unshare"
- "golang.org/x/sys/unix"
-)
-
-var (
- // ErrAufsNotSupported is returned if aufs is not supported by the host.
- ErrAufsNotSupported = fmt.Errorf("aufs was not found in /proc/filesystems")
- // ErrAufsNested means aufs cannot be used bc we are in a user namespace
- ErrAufsNested = fmt.Errorf("aufs cannot be used in non-init user namespace")
- backingFs = ""
-
- enableDirpermLock sync.Once
- enableDirperm bool
-)
-
-const defaultPerms = os.FileMode(0o555)
-
-func init() {
- graphdriver.MustRegister("aufs", Init)
-}
-
-// Driver contains information about the filesystem mounted.
-type Driver struct {
- sync.Mutex
- root string
- ctr *graphdriver.RefCounter
- pathCacheLock sync.Mutex
- pathCache map[string]string
- naiveDiff graphdriver.DiffDriver
- locker *locker.Locker
- mountOptions string
-}
-
-// Init returns a new AUFS driver.
-// An error is returned if AUFS is not supported.
-func Init(home string, options graphdriver.Options) (graphdriver.Driver, error) {
- // Try to load the aufs kernel module
- if err := supportsAufs(); err != nil {
- return nil, fmt.Errorf("kernel does not support aufs: %w", graphdriver.ErrNotSupported)
- }
-
- fsMagic, err := graphdriver.GetFSMagic(home)
- if err != nil {
- return nil, err
- }
- if fsName, ok := graphdriver.FsNames[fsMagic]; ok {
- backingFs = fsName
- }
-
- switch fsMagic {
- case graphdriver.FsMagicAufs, graphdriver.FsMagicBtrfs, graphdriver.FsMagicEcryptfs:
- logrus.Errorf("AUFS is not supported over %s", backingFs)
- return nil, fmt.Errorf("aufs is not supported over %q: %w", backingFs, graphdriver.ErrIncompatibleFS)
- }
-
- var mountOptions string
- for _, option := range options.DriverOptions {
- key, val, err := parsers.ParseKeyValueOpt(option)
- if err != nil {
- return nil, err
- }
- key = strings.ToLower(key)
- switch key {
- case "aufs.mountopt":
- mountOptions = val
- default:
- return nil, fmt.Errorf("option %s not supported", option)
- }
- }
- paths := []string{
- "mnt",
- "diff",
- "layers",
- }
-
- a := &Driver{
- root: home,
- pathCache: make(map[string]string),
- ctr: graphdriver.NewRefCounter(graphdriver.NewFsChecker(graphdriver.FsMagicAufs)),
- locker: locker.New(),
- mountOptions: mountOptions,
- }
-
- // Create the root aufs driver dir and return
- // if it already exists
- // If not populate the dir structure
- if err := os.MkdirAll(home, 0o700); err != nil {
- if os.IsExist(err) {
- return a, nil
- }
- return nil, err
- }
-
- if err := mountpk.MakePrivate(home); err != nil {
- return nil, err
- }
-
- // Populate the dir structure
- for _, p := range paths {
- if err := os.MkdirAll(path.Join(home, p), 0o700); err != nil {
- return nil, err
- }
- }
- logger := logrus.WithFields(logrus.Fields{
- "module": "graphdriver",
- "driver": "aufs",
- })
-
- for _, path := range []string{"mnt", "diff"} {
- p := filepath.Join(home, path)
- entries, err := os.ReadDir(p)
- if err != nil {
- logger.WithError(err).WithField("dir", p).Error("error reading dir entries")
- continue
- }
- for _, entry := range entries {
- if !entry.IsDir() {
- continue
- }
- if strings.HasSuffix(entry.Name(), "-removing") {
- logger.WithField("dir", entry.Name()).Debug("Cleaning up stale layer dir")
- if err := system.EnsureRemoveAll(filepath.Join(p, entry.Name())); err != nil {
- logger.WithField("dir", entry.Name()).WithError(err).Error("Error removing stale layer dir")
- }
- }
- }
- }
-
- a.naiveDiff = graphdriver.NewNaiveDiffDriver(a, a)
- return a, nil
-}
-
-// Return a nil error if the kernel supports aufs
-func supportsAufs() error {
- if unshare.IsRootless() {
- return ErrAufsNested
- }
-
- f, err := os.Open("/proc/filesystems")
- if err != nil {
- return err
- }
- defer f.Close()
-
- s := bufio.NewScanner(f)
- for s.Scan() {
- if strings.Contains(s.Text(), "aufs") {
- return nil
- }
- }
- return ErrAufsNotSupported
-}
-
-func (a *Driver) rootPath() string {
- return a.root
-}
-
-func (*Driver) String() string {
- return "aufs"
-}
-
-// Status returns current information about the filesystem such as root directory, number of directories mounted, etc.
-func (a *Driver) Status() [][2]string {
- ids, _ := loadIds(path.Join(a.rootPath(), "layers"))
- return [][2]string{
- {"Root Dir", a.rootPath()},
- {"Backing Filesystem", backingFs},
- {"Dirs", fmt.Sprintf("%d", len(ids))},
- {"Dirperm1 Supported", fmt.Sprintf("%v", useDirperm())},
- }
-}
-
-// Metadata not implemented
-func (a *Driver) Metadata(id string) (map[string]string, error) {
- return nil, nil //nolint: nilnil
-}
-
-// Exists returns true if the given id is registered with
-// this driver
-func (a *Driver) Exists(id string) bool {
- if err := fileutils.Lexists(path.Join(a.rootPath(), "layers", id)); err != nil {
- return false
- }
- return true
-}
-
-// ListLayers() returns all of the layers known to the driver.
-func (a *Driver) ListLayers() ([]string, error) {
- diffsDir := filepath.Join(a.rootPath(), "diff")
- entries, err := os.ReadDir(diffsDir)
- if err != nil {
- return nil, err
- }
- results := make([]string, 0, len(entries))
- for _, entry := range entries {
- if !entry.IsDir() {
- continue
- }
- results = append(results, entry.Name())
- }
- return results, nil
-}
-
-// AdditionalImageStores returns additional image stores supported by the driver
-func (a *Driver) AdditionalImageStores() []string {
- return nil
-}
-
-// CreateFromTemplate creates a layer with the same contents and parent as another layer.
-func (a *Driver) CreateFromTemplate(id, template string, templateIDMappings *idtools.IDMappings, parent string, parentIDMappings *idtools.IDMappings, opts *graphdriver.CreateOpts, readWrite bool) error {
- if opts == nil {
- opts = &graphdriver.CreateOpts{}
- }
- return graphdriver.NaiveCreateFromTemplate(a, id, template, templateIDMappings, parent, parentIDMappings, opts, readWrite)
-}
-
-// CreateReadWrite creates a layer that is writable for use as a container
-// file system.
-func (a *Driver) CreateReadWrite(id, parent string, opts *graphdriver.CreateOpts) error {
- return a.Create(id, parent, opts)
-}
-
-// Create three folders for each id
-// mnt, layers, and diff
-func (a *Driver) Create(id, parent string, opts *graphdriver.CreateOpts) error {
- if opts != nil && len(opts.StorageOpt) != 0 {
- return fmt.Errorf("--storage-opt is not supported for aufs")
- }
-
- if err := a.createDirsFor(id, parent); err != nil {
- return err
- }
- // Write the layers metadata
- f, err := os.Create(path.Join(a.rootPath(), "layers", id))
- if err != nil {
- return err
- }
- defer f.Close()
-
- if parent != "" {
- ids, err := getParentIDs(a.rootPath(), parent)
- if err != nil {
- return err
- }
-
- if _, err := fmt.Fprintln(f, parent); err != nil {
- return err
- }
- for _, i := range ids {
- if _, err := fmt.Fprintln(f, i); err != nil {
- return err
- }
- }
- }
-
- return nil
-}
-
-// createDirsFor creates two directories for the given id.
-// mnt and diff
-func (a *Driver) createDirsFor(id, parent string) error {
- paths := []string{
- "mnt",
- "diff",
- }
-
- // Directory permission is 0555.
- // The path of directories are /mnt/
- // and /diff/
- for _, p := range paths {
- rootPair := idtools.IDPair{UID: 0, GID: 0}
- rootPerms := defaultPerms
- if parent != "" {
- st, err := system.Stat(path.Join(a.rootPath(), p, parent))
- if err != nil {
- return err
- }
- rootPerms = os.FileMode(st.Mode())
- rootPair.UID = int(st.UID())
- rootPair.GID = int(st.GID())
- }
- if err := idtools.MkdirAllAndChownNew(path.Join(a.rootPath(), p, id), rootPerms, rootPair); err != nil {
- return err
- }
- }
- return nil
-}
-
-// Remove will unmount and remove the given id.
-func (a *Driver) Remove(id string) error {
- a.locker.Lock(id)
- defer func() {
- _ = a.locker.Unlock(id)
- }()
- a.pathCacheLock.Lock()
- mountpoint, exists := a.pathCache[id]
- a.pathCacheLock.Unlock()
- if !exists {
- mountpoint = a.getMountpoint(id)
- }
-
- logger := logrus.WithFields(logrus.Fields{
- "module": "graphdriver",
- "driver": "aufs",
- "layer": id,
- })
-
- var retries int
- for {
- mounted, err := a.mounted(mountpoint)
- if err != nil {
- if os.IsNotExist(err) {
- break
- }
- return err
- }
- if !mounted {
- break
- }
-
- err = a.unmount(mountpoint)
- if err == nil {
- break
- }
-
- if err != unix.EBUSY {
- return fmt.Errorf("aufs: unmount error: %s: %w", mountpoint, err)
- }
- if retries >= 5 {
- return fmt.Errorf("aufs: unmount error after retries: %s: %w", mountpoint, err)
- }
- // If unmount returns EBUSY, it could be a transient error. Sleep and retry.
- retries++
- logger.Warnf("unmount failed due to EBUSY: retry count: %d", retries)
- time.Sleep(100 * time.Millisecond)
- }
-
- // Remove the layers file for the id
- if err := os.Remove(path.Join(a.rootPath(), "layers", id)); err != nil && !os.IsNotExist(err) {
- return fmt.Errorf("removing layers dir for %s: %w", id, err)
- }
-
- if err := atomicRemove(a.getDiffPath(id)); err != nil {
- return fmt.Errorf("could not remove diff path for id %s: %w", id, err)
- }
-
- // Atomically remove each directory in turn by first moving it out of the
- // way (so that container runtime doesn't find it anymore) before doing removal of
- // the whole tree.
- if err := atomicRemove(mountpoint); err != nil {
- if errors.Is(err, unix.EBUSY) {
- logger.WithField("dir", mountpoint).WithError(err).Warn("error performing atomic remove due to EBUSY")
- }
- return fmt.Errorf("could not remove mountpoint for id %s: %w", id, err)
- }
-
- a.pathCacheLock.Lock()
- delete(a.pathCache, id)
- a.pathCacheLock.Unlock()
- return nil
-}
-
-func atomicRemove(source string) error {
- target := source + "-removing"
-
- err := os.Rename(source, target)
- switch {
- case err == nil, os.IsNotExist(err):
- case os.IsExist(err):
- // Got error saying the target dir already exists, maybe the source doesn't exist due to a previous (failed) remove
- if e := fileutils.Exists(source); !os.IsNotExist(e) {
- return fmt.Errorf("target rename dir '%s' exists but should not, this needs to be manually cleaned up: %w", target, err)
- }
- default:
- return fmt.Errorf("preparing atomic delete: %w", err)
- }
-
- return system.EnsureRemoveAll(target)
-}
-
-// Get returns the rootfs path for the id.
-// This will mount the dir at its given path
-func (a *Driver) Get(id string, options graphdriver.MountOpts) (string, error) {
- a.locker.Lock(id)
- defer func() {
- _ = a.locker.Unlock(id)
- }()
-
- parents, err := a.getParentLayerPaths(id)
- if err != nil && !os.IsNotExist(err) {
- return "", err
- }
-
- a.pathCacheLock.Lock()
- m, exists := a.pathCache[id]
- a.pathCacheLock.Unlock()
-
- if !exists {
- m = a.getDiffPath(id)
- if len(parents) > 0 {
- m = a.getMountpoint(id)
- }
- }
- if count := a.ctr.Increment(m); count > 1 {
- return m, nil
- }
-
- // If a dir does not have a parent ( no layers )do not try to mount
- // just return the diff path to the data
- if len(parents) > 0 {
- if err := a.mount(id, m, parents, options); err != nil {
- return "", err
- }
- }
-
- a.pathCacheLock.Lock()
- a.pathCache[id] = m
- a.pathCacheLock.Unlock()
- return m, nil
-}
-
-// Put unmounts and updates list of active mounts.
-func (a *Driver) Put(id string) error {
- a.locker.Lock(id)
- defer func() {
- _ = a.locker.Unlock(id)
- }()
-
- a.pathCacheLock.Lock()
- m, exists := a.pathCache[id]
- if !exists {
- m = a.getMountpoint(id)
- a.pathCache[id] = m
- }
- a.pathCacheLock.Unlock()
- if count := a.ctr.Decrement(m); count > 0 {
- return nil
- }
-
- err := a.unmount(m)
- if err != nil {
- logrus.Debugf("Failed to unmount %s aufs: %v", id, err)
- }
- return err
-}
-
-// ReadWriteDiskUsage returns the disk usage of the writable directory for the ID.
-// For AUFS, it queries the mountpoint for this ID.
-func (a *Driver) ReadWriteDiskUsage(id string) (*directory.DiskUsage, error) {
- a.locker.Lock(id)
- defer func() {
- _ = a.locker.Unlock(id)
- }()
- a.pathCacheLock.Lock()
- m, exists := a.pathCache[id]
- if !exists {
- m = a.getMountpoint(id)
- a.pathCache[id] = m
- }
- a.pathCacheLock.Unlock()
- return directory.Usage(m)
-}
-
-// isParent returns if the passed in parent is the direct parent of the passed in layer
-func (a *Driver) isParent(id, parent string) bool {
- parents, _ := getParentIDs(a.rootPath(), id)
- if parent == "" && len(parents) > 0 {
- return false
- }
- return len(parents) == 0 || parent == parents[0]
-}
-
-// Diff produces an archive of the changes between the specified
-// layer and its parent layer which may be "".
-func (a *Driver) Diff(id string, idMappings *idtools.IDMappings, parent string, parentMappings *idtools.IDMappings, mountLabel string) (io.ReadCloser, error) {
- if !a.isParent(id, parent) {
- return a.naiveDiff.Diff(id, idMappings, parent, parentMappings, mountLabel)
- }
-
- if idMappings == nil {
- idMappings = &idtools.IDMappings{}
- }
-
- // AUFS doesn't need the parent layer to produce a diff.
- return archive.TarWithOptions(path.Join(a.rootPath(), "diff", id), &archive.TarOptions{
- Compression: archive.Uncompressed,
- ExcludePatterns: []string{archive.WhiteoutMetaPrefix + "*", "!" + archive.WhiteoutOpaqueDir},
- UIDMaps: idMappings.UIDs(),
- GIDMaps: idMappings.GIDs(),
- })
-}
-
-type fileGetNilCloser struct {
- storage.FileGetter
-}
-
-func (f fileGetNilCloser) Close() error {
- return nil
-}
-
-// DiffGetter returns a FileGetCloser that can read files from the directory that
-// contains files for the layer differences. Used for direct access for tar-split.
-func (a *Driver) DiffGetter(id string) (graphdriver.FileGetCloser, error) {
- p := path.Join(a.rootPath(), "diff", id)
- return fileGetNilCloser{storage.NewPathFileGetter(p)}, nil
-}
-
-func (a *Driver) applyDiff(id string, idMappings *idtools.IDMappings, diff io.Reader) error {
- if idMappings == nil {
- idMappings = &idtools.IDMappings{}
- }
- return chrootarchive.UntarUncompressed(diff, path.Join(a.rootPath(), "diff", id), &archive.TarOptions{
- UIDMaps: idMappings.UIDs(),
- GIDMaps: idMappings.GIDs(),
- })
-}
-
-// DiffSize calculates the changes between the specified id
-// and its parent and returns the size in bytes of the changes
-// relative to its base filesystem directory.
-func (a *Driver) DiffSize(id string, idMappings *idtools.IDMappings, parent string, parentMappings *idtools.IDMappings, mountLabel string) (size int64, err error) {
- if !a.isParent(id, parent) {
- return a.naiveDiff.DiffSize(id, idMappings, parent, parentMappings, mountLabel)
- }
- // AUFS doesn't need the parent layer to calculate the diff size.
- return directory.Size(path.Join(a.rootPath(), "diff", id))
-}
-
-// ApplyDiff extracts the changeset from the given diff into the
-// layer with the specified id and parent, returning the size of the
-// new layer in bytes.
-func (a *Driver) ApplyDiff(id, parent string, options graphdriver.ApplyDiffOpts) (size int64, err error) {
- if !a.isParent(id, parent) {
- return a.naiveDiff.ApplyDiff(id, parent, options)
- }
-
- // AUFS doesn't need the parent id to apply the diff if it is the direct parent.
- if err = a.applyDiff(id, options.Mappings, options.Diff); err != nil {
- return
- }
-
- return directory.Size(path.Join(a.rootPath(), "diff", id))
-}
-
-// Changes produces a list of changes between the specified layer
-// and its parent layer. If parent is "", then all changes will be ADD changes.
-func (a *Driver) Changes(id string, idMappings *idtools.IDMappings, parent string, parentMappings *idtools.IDMappings, mountLabel string) ([]archive.Change, error) {
- if !a.isParent(id, parent) {
- return a.naiveDiff.Changes(id, idMappings, parent, parentMappings, mountLabel)
- }
-
- // AUFS doesn't have snapshots, so we need to get changes from all parent
- // layers.
- layers, err := a.getParentLayerPaths(id)
- if err != nil {
- return nil, err
- }
- return archive.Changes(layers, path.Join(a.rootPath(), "diff", id))
-}
-
-func (a *Driver) getParentLayerPaths(id string) ([]string, error) {
- parentIds, err := getParentIDs(a.rootPath(), id)
- if err != nil {
- return nil, err
- }
- layers := make([]string, len(parentIds))
-
- // Get the diff paths for all the parent ids
- for i, p := range parentIds {
- layers[i] = path.Join(a.rootPath(), "diff", p)
- }
- return layers, nil
-}
-
-func (a *Driver) mount(id string, target string, layers []string, options graphdriver.MountOpts) error {
- a.Lock()
- defer a.Unlock()
-
- // If the id is mounted or we get an error return
- if mounted, err := a.mounted(target); err != nil || mounted {
- return err
- }
-
- rw := a.getDiffPath(id)
-
- if err := a.aufsMount(layers, rw, target, options); err != nil {
- return fmt.Errorf("creating aufs mount to %s: %w", target, err)
- }
- return nil
-}
-
-func (a *Driver) unmount(mountPath string) error {
- a.Lock()
- defer a.Unlock()
-
- if mounted, err := a.mounted(mountPath); err != nil || !mounted {
- return err
- }
- if err := Unmount(mountPath); err != nil {
- return err
- }
- return nil
-}
-
-func (a *Driver) mounted(mountpoint string) (bool, error) {
- return graphdriver.Mounted(graphdriver.FsMagicAufs, mountpoint)
-}
-
-// Cleanup aufs and unmount all mountpoints
-func (a *Driver) Cleanup() error {
- var dirs []string
- if err := filepath.WalkDir(a.mntPath(), func(path string, d fs.DirEntry, err error) error {
- if err != nil {
- return err
- }
- if !d.IsDir() {
- return nil
- }
- dirs = append(dirs, path)
- return nil
- }); err != nil {
- return err
- }
-
- for _, m := range dirs {
- if err := a.unmount(m); err != nil {
- logrus.Debugf("aufs error unmounting %s: %s", m, err)
- }
- }
- return mountpk.Unmount(a.root)
-}
-
-func (a *Driver) aufsMount(ro []string, rw, target string, options graphdriver.MountOpts) (err error) {
- defer func() {
- if err != nil {
- if err1 := Unmount(target); err1 != nil {
- logrus.Warnf("Unmount %q: %v", target, err1)
- }
- }
- }()
-
- // Mount options are clipped to page size(4096 bytes). If there are more
- // layers then these are remounted individually using append.
-
- offset := 54
- if useDirperm() {
- offset += len(",dirperm1")
- }
- b := make([]byte, unix.Getpagesize()-len(options.MountLabel)-offset) // room for xino & mountLabel
- bp := copy(b, fmt.Sprintf("br:%s=rw", rw))
-
- index := 0
- for ; index < len(ro); index++ {
- layer := fmt.Sprintf(":%s=ro+wh", ro[index])
- if bp+len(layer) > len(b) {
- break
- }
- bp += copy(b[bp:], layer)
- }
-
- opts := "dio,xino=/dev/shm/aufs.xino"
- mountOptions := a.mountOptions
- if len(options.Options) > 0 {
- mountOptions = strings.Join(options.Options, ",")
- }
- if mountOptions != "" {
- opts += fmt.Sprintf(",%s", mountOptions)
- }
-
- if useDirperm() {
- opts += ",dirperm1"
- }
- data := label.FormatMountLabel(fmt.Sprintf("%s,%s", string(b[:bp]), opts), options.MountLabel)
- if err = mount("none", target, "aufs", 0, data); err != nil {
- return
- }
-
- for ; index < len(ro); index++ {
- layer := fmt.Sprintf(":%s=ro+wh", ro[index])
- data := label.FormatMountLabel(fmt.Sprintf("append%s", layer), options.MountLabel)
- if err = mount("none", target, "aufs", unix.MS_REMOUNT, data); err != nil {
- return
- }
- }
-
- return
-}
-
-// useDirperm checks dirperm1 mount option can be used with the current
-// version of aufs.
-func useDirperm() bool {
- enableDirpermLock.Do(func() {
- base, err := os.MkdirTemp("", "storage-aufs-base")
- if err != nil {
- logrus.Errorf("Checking dirperm1: %v", err)
- return
- }
- defer os.RemoveAll(base)
-
- union, err := os.MkdirTemp("", "storage-aufs-union")
- if err != nil {
- logrus.Errorf("Checking dirperm1: %v", err)
- return
- }
- defer os.RemoveAll(union)
-
- opts := fmt.Sprintf("br:%s,dirperm1,xino=/dev/shm/aufs.xino", base)
- if err := mount("none", union, "aufs", 0, opts); err != nil {
- return
- }
- enableDirperm = true
- if err := Unmount(union); err != nil {
- logrus.Errorf("Checking dirperm1: failed to unmount %v", err)
- }
- })
- return enableDirperm
-}
-
-// UpdateLayerIDMap updates ID mappings in a layer from matching the ones
-// specified by toContainer to those specified by toHost.
-func (a *Driver) UpdateLayerIDMap(id string, toContainer, toHost *idtools.IDMappings, mountLabel string) error {
- return fmt.Errorf("aufs doesn't support changing ID mappings")
-}
-
-// SupportsShifting tells whether the driver support shifting of the UIDs/GIDs to the provided mapping in an userNS
-func (a *Driver) SupportsShifting(uidmap, gidmap []idtools.IDMap) bool {
- return false
-}
-
-// Dedup performs deduplication of the driver's storage.
-func (a *Driver) Dedup(req graphdriver.DedupArgs) (graphdriver.DedupResult, error) {
- return graphdriver.DedupResult{}, nil
-}
-
-// DeferredRemove is not implemented.
-// It calls Remove directly.
-func (a *Driver) DeferredRemove(id string) (tempdir.CleanupTempDirFunc, error) {
- return nil, a.Remove(id)
-}
-
-// GetTempDirRootDirs is not implemented.
-func (a *Driver) GetTempDirRootDirs() []string {
- return []string{}
-}
diff --git a/vendor/go.podman.io/storage/drivers/aufs/dirs.go b/vendor/go.podman.io/storage/drivers/aufs/dirs.go
deleted file mode 100644
index 9587bf63c6..0000000000
--- a/vendor/go.podman.io/storage/drivers/aufs/dirs.go
+++ /dev/null
@@ -1,63 +0,0 @@
-//go:build linux
-
-package aufs
-
-import (
- "bufio"
- "os"
- "path"
-)
-
-// Return all the directories
-func loadIds(root string) ([]string, error) {
- dirs, err := os.ReadDir(root)
- if err != nil {
- return nil, err
- }
- out := []string{}
- for _, d := range dirs {
- if !d.IsDir() {
- out = append(out, d.Name())
- }
- }
- return out, nil
-}
-
-// Read the layers file for the current id and return all the
-// layers represented by new lines in the file
-//
-// If there are no lines in the file then the id has no parent
-// and an empty slice is returned.
-func getParentIDs(root, id string) ([]string, error) {
- f, err := os.Open(path.Join(root, "layers", id))
- if err != nil {
- return nil, err
- }
- defer f.Close()
-
- out := []string{}
- s := bufio.NewScanner(f)
-
- for s.Scan() {
- if t := s.Text(); t != "" {
- out = append(out, s.Text())
- }
- }
- return out, s.Err()
-}
-
-func (a *Driver) getMountpoint(id string) string {
- return path.Join(a.mntPath(), id)
-}
-
-func (a *Driver) mntPath() string {
- return path.Join(a.rootPath(), "mnt")
-}
-
-func (a *Driver) getDiffPath(id string) string {
- return path.Join(a.diffPath(), id)
-}
-
-func (a *Driver) diffPath() string {
- return path.Join(a.rootPath(), "diff")
-}
diff --git a/vendor/go.podman.io/storage/drivers/aufs/mount.go b/vendor/go.podman.io/storage/drivers/aufs/mount.go
deleted file mode 100644
index 51b3d6dfa6..0000000000
--- a/vendor/go.podman.io/storage/drivers/aufs/mount.go
+++ /dev/null
@@ -1,21 +0,0 @@
-//go:build linux
-
-package aufs
-
-import (
- "os/exec"
-
- "github.com/sirupsen/logrus"
- "golang.org/x/sys/unix"
-)
-
-// Unmount the target specified.
-func Unmount(target string) error {
- if err := exec.Command("auplink", target, "flush").Run(); err != nil {
- logrus.Warnf("Couldn't run auplink before unmount %s: %s", target, err)
- }
- if err := unix.Unmount(target, 0); err != nil {
- return err
- }
- return nil
-}
diff --git a/vendor/go.podman.io/storage/drivers/aufs/mount_linux.go b/vendor/go.podman.io/storage/drivers/aufs/mount_linux.go
deleted file mode 100644
index 937104ba3f..0000000000
--- a/vendor/go.podman.io/storage/drivers/aufs/mount_linux.go
+++ /dev/null
@@ -1,7 +0,0 @@
-package aufs
-
-import "golang.org/x/sys/unix"
-
-func mount(source string, target string, fstype string, flags uintptr, data string) error {
- return unix.Mount(source, target, fstype, flags, data)
-}
diff --git a/vendor/go.podman.io/storage/drivers/chown_darwin.go b/vendor/go.podman.io/storage/drivers/chown_darwin.go
index 7490973212..eea633520c 100644
--- a/vendor/go.podman.io/storage/drivers/chown_darwin.go
+++ b/vendor/go.podman.io/storage/drivers/chown_darwin.go
@@ -37,7 +37,7 @@ func (c *platformChowner) LChown(path string, info os.FileInfo, toHost, toContai
i := inode{
Dev: uint64(st.Dev),
- Ino: uint64(st.Ino),
+ Ino: st.Ino,
}
c.mutex.Lock()
_, found := c.inodes[i]
diff --git a/vendor/go.podman.io/storage/drivers/driver_linux.go b/vendor/go.podman.io/storage/drivers/driver_linux.go
index 7a95a1eaa6..9e49d98af4 100644
--- a/vendor/go.podman.io/storage/drivers/driver_linux.go
+++ b/vendor/go.podman.io/storage/drivers/driver_linux.go
@@ -93,7 +93,6 @@ var (
// Slice of drivers that should be used in an order
Priority = []string{
"overlay",
- "aufs",
"btrfs",
"zfs",
"vfs",
diff --git a/vendor/go.podman.io/storage/drivers/fsdiff.go b/vendor/go.podman.io/storage/drivers/fsdiff.go
index d80d00368c..77f98d49da 100644
--- a/vendor/go.podman.io/storage/drivers/fsdiff.go
+++ b/vendor/go.podman.io/storage/drivers/fsdiff.go
@@ -22,7 +22,6 @@ var ApplyUncompressedLayer = chrootarchive.ApplyUncompressedLayer
// capability of the Diffing methods which it may or may not
// support on its own. See the comment on the exported
// NewNaiveDiffDriver function below.
-// Notably, the AUFS driver doesn't need to be wrapped like this.
type NaiveDiffDriver struct {
ProtoDriver
LayerIDMapUpdater
@@ -152,7 +151,7 @@ func (gdw *NaiveDiffDriver) Changes(id string, idMappings *idtools.IDMappings, p
// ApplyDiff extracts the changeset from the given diff into the
// layer with the specified id and parent, returning the size of the
// new layer in bytes.
-func (gdw *NaiveDiffDriver) ApplyDiff(id, parent string, options ApplyDiffOpts) (size int64, err error) {
+func (gdw *NaiveDiffDriver) ApplyDiff(id, parent string, options ApplyDiffOpts) (int64, error) {
driver := gdw.ProtoDriver
if options.Mappings == nil {
@@ -165,7 +164,7 @@ func (gdw *NaiveDiffDriver) ApplyDiff(id, parent string, options ApplyDiffOpts)
}
layerFs, err := driver.Get(id, mountOpts)
if err != nil {
- return
+ return -1, err
}
defer driverPut(driver, id, &err)
@@ -186,19 +185,20 @@ func (gdw *NaiveDiffDriver) ApplyDiff(id, parent string, options ApplyDiffOpts)
}
start := time.Now().UTC()
logrus.Debug("Start untar layer")
- if size, err = ApplyUncompressedLayer(layerFs, options.Diff, tarOptions); err != nil {
+ size, err := ApplyUncompressedLayer(layerFs, options.Diff, tarOptions)
+ if err != nil {
logrus.Errorf("While applying layer: %s", err)
- return
+ return -1, err
}
logrus.Debugf("Untar time: %vs", time.Now().UTC().Sub(start).Seconds())
- return
+ return size, nil
}
// DiffSize calculates the changes between the specified layer
// and its parent and returns the size in bytes of the changes
// relative to its base filesystem directory.
-func (gdw *NaiveDiffDriver) DiffSize(id string, idMappings *idtools.IDMappings, parent string, parentMappings *idtools.IDMappings, mountLabel string) (size int64, err error) {
+func (gdw *NaiveDiffDriver) DiffSize(id string, idMappings *idtools.IDMappings, parent string, parentMappings *idtools.IDMappings, mountLabel string) (int64, error) {
driver := gdw.ProtoDriver
if idMappings == nil {
@@ -210,7 +210,7 @@ func (gdw *NaiveDiffDriver) DiffSize(id string, idMappings *idtools.IDMappings,
changes, err := gdw.Changes(id, idMappings, parent, parentMappings, mountLabel)
if err != nil {
- return
+ return 0, err
}
options := MountOpts{
@@ -218,7 +218,7 @@ func (gdw *NaiveDiffDriver) DiffSize(id string, idMappings *idtools.IDMappings,
}
layerFs, err := driver.Get(id, options)
if err != nil {
- return
+ return 0, err
}
defer driverPut(driver, id, &err)
diff --git a/vendor/go.podman.io/storage/drivers/overlay/mount.go b/vendor/go.podman.io/storage/drivers/overlay/mount.go
index 250a185a93..97af37c772 100644
--- a/vendor/go.podman.io/storage/drivers/overlay/mount.go
+++ b/vendor/go.podman.io/storage/drivers/overlay/mount.go
@@ -101,7 +101,7 @@ func mountOverlayFromMain() {
// Split out the various options, since we need to manipulate the
// paths, but we don't want to mess with other options.
var upperk, upperv, workk, workv, lowerk, lowerv, labelk, labelv, others string
- for _, arg := range strings.Split(options.Label, ",") {
+ for arg := range strings.SplitSeq(options.Label, ",") {
key, val, _ := strings.Cut(arg, "=")
switch key {
case "upperdir":
@@ -139,10 +139,9 @@ func mountOverlayFromMain() {
// Get a descriptor for each lower, and use that descriptor's name as
// the new value for the list of lowers, because it's shorter.
if lowerv != "" {
- lowers := strings.Split(lowerv, ":")
var newLowers []string
dataOnly := false
- for _, lowerPath := range lowers {
+ for lowerPath := range strings.SplitSeq(lowerv, ":") {
if lowerPath == "" {
dataOnly = true
continue
diff --git a/vendor/go.podman.io/storage/drivers/overlay/overlay.go b/vendor/go.podman.io/storage/drivers/overlay/overlay.go
index f65b2c515a..c08e060466 100644
--- a/vendor/go.podman.io/storage/drivers/overlay/overlay.go
+++ b/vendor/go.podman.io/storage/drivers/overlay/overlay.go
@@ -501,7 +501,7 @@ func parseOptions(options []string) (*overlayOptions, error) {
if val == "" {
continue
}
- for _, store := range strings.Split(val, ",") {
+ for store := range strings.SplitSeq(val, ",") {
store = filepath.Clean(store)
if !filepath.IsAbs(store) {
return nil, fmt.Errorf("overlay: image path %q is not absolute. Can not be relative", store)
@@ -521,7 +521,7 @@ func parseOptions(options []string) (*overlayOptions, error) {
if val == "" {
continue
}
- for _, lstore := range strings.Split(val, ",") {
+ for lstore := range strings.SplitSeq(val, ",") {
elems := strings.Split(lstore, ":")
lstore = filepath.Clean(elems[0])
if !filepath.IsAbs(lstore) {
@@ -1196,8 +1196,8 @@ func (d *Driver) getLower(parent string) (string, error) {
parentLower, err := os.ReadFile(path.Join(parentDir, lowerFile))
if err == nil {
- parentLowers := strings.Split(string(parentLower), ":")
- lowers = append(lowers, parentLowers...)
+ parentLowers := strings.SplitSeq(string(parentLower), ":")
+ lowers = slices.AppendSeq(lowers, parentLowers)
}
return strings.Join(lowers, ":"), nil
}
@@ -1247,7 +1247,7 @@ func (d *Driver) getLowerDirs(id string) ([]string, error) {
var lowersArray []string
lowers, err := os.ReadFile(path.Join(d.dir(id), lowerFile))
if err == nil {
- for _, s := range strings.Split(string(lowers), ":") {
+ for s := range strings.SplitSeq(string(lowers), ":") {
lower := d.dir(s)
lp, err := os.Readlink(lower)
// if the link does not exist, we lost the symlinks during a sudden reboot.
diff --git a/vendor/go.podman.io/storage/drivers/register/register_aufs.go b/vendor/go.podman.io/storage/drivers/register/register_aufs.go
deleted file mode 100644
index 595c25c219..0000000000
--- a/vendor/go.podman.io/storage/drivers/register/register_aufs.go
+++ /dev/null
@@ -1,8 +0,0 @@
-//go:build !exclude_graphdriver_aufs && linux
-
-package register
-
-import (
- // register the aufs graphdriver
- _ "go.podman.io/storage/drivers/aufs"
-)
diff --git a/vendor/go.podman.io/storage/drivers/vfs/driver.go b/vendor/go.podman.io/storage/drivers/vfs/driver.go
index c86e174e77..ffd3bd24ea 100644
--- a/vendor/go.podman.io/storage/drivers/vfs/driver.go
+++ b/vendor/go.podman.io/storage/drivers/vfs/driver.go
@@ -6,6 +6,7 @@ import (
"os"
"path/filepath"
"runtime"
+ "slices"
"strconv"
"strings"
@@ -52,7 +53,7 @@ func Init(home string, options graphdriver.Options) (graphdriver.Driver, error)
key = strings.ToLower(key)
switch key {
case "vfs.imagestore", ".imagestore":
- d.additionalHomes = append(d.additionalHomes, strings.Split(val, ",")...)
+ d.additionalHomes = slices.AppendSeq(d.additionalHomes, strings.SplitSeq(val, ","))
continue
case "vfs.mountopt":
return nil, fmt.Errorf("vfs driver does not support mount options")
diff --git a/vendor/go.podman.io/storage/drivers/zfs/zfs.go b/vendor/go.podman.io/storage/drivers/zfs/zfs.go
index b804cf0b3b..8660dbaa3e 100644
--- a/vendor/go.podman.io/storage/drivers/zfs/zfs.go
+++ b/vendor/go.podman.io/storage/drivers/zfs/zfs.go
@@ -188,8 +188,8 @@ func (d *Driver) Cleanup() error {
// Currently it return 'Zpool', 'Zpool Health', 'Parent Dataset', 'Space Used By Parent',
// 'Space Available', 'Parent Quota' and 'Compression'.
func (d *Driver) Status() [][2]string {
- parts := strings.Split(d.dataset.Name, "/")
- pool, err := zfs.GetZpool(parts[0])
+ fsName, _, _ := strings.Cut(d.dataset.Name, "/")
+ pool, err := zfs.GetZpool(fsName)
var poolName, poolHealth string
if err == nil {
diff --git a/vendor/go.podman.io/storage/internal/tempdir/tempdir.go b/vendor/go.podman.io/storage/internal/tempdir/tempdir.go
index 91959b75c8..6522c45d18 100644
--- a/vendor/go.podman.io/storage/internal/tempdir/tempdir.go
+++ b/vendor/go.podman.io/storage/internal/tempdir/tempdir.go
@@ -3,12 +3,14 @@ package tempdir
import (
"errors"
"fmt"
+ "io/fs"
"os"
"path/filepath"
"strings"
"github.com/sirupsen/logrus"
"go.podman.io/storage/internal/staging_lockfile"
+ "go.podman.io/storage/pkg/system"
)
/*
@@ -102,10 +104,10 @@ func listPotentialStaleDirs(rootDir string) (map[string]struct{}, error) {
dirContent, err := os.ReadDir(rootDir)
if err != nil {
- if os.IsNotExist(err) {
+ if errors.Is(err, fs.ErrNotExist) {
return nil, nil
}
- return nil, fmt.Errorf("error reading temp dir %s: %w", rootDir, err)
+ return nil, fmt.Errorf("error reading temp dir: %w", err)
}
for _, entry := range dirContent {
@@ -128,7 +130,7 @@ func listPotentialStaleDirs(rootDir string) (map[string]struct{}, error) {
func RecoverStaleDirs(rootDir string) error {
potentialStaleDirs, err := listPotentialStaleDirs(rootDir)
if err != nil {
- return fmt.Errorf("error listing potential stale temp dirs in %s: %w", rootDir, err)
+ return fmt.Errorf("error listing potential stale temp dirs: %w", err)
}
if len(potentialStaleDirs) == 0 {
@@ -147,11 +149,11 @@ func RecoverStaleDirs(rootDir string) error {
continue
}
- if rmErr := os.RemoveAll(tempDirPath); rmErr != nil && !os.IsNotExist(rmErr) {
- recoveryErrors = append(recoveryErrors, fmt.Errorf("error removing stale temp dir %s: %w", tempDirPath, rmErr))
+ if rmErr := system.EnsureRemoveAll(tempDirPath); rmErr != nil {
+ recoveryErrors = append(recoveryErrors, fmt.Errorf("error removing stale temp dir: %w", rmErr))
}
if unlockErr := instanceLock.UnlockAndDelete(); unlockErr != nil {
- recoveryErrors = append(recoveryErrors, fmt.Errorf("error unlocking and deleting stale lock file %s: %w", lockPath, unlockErr))
+ recoveryErrors = append(recoveryErrors, fmt.Errorf("error unlocking and deleting stale lock file: %w", unlockErr))
}
}
@@ -164,7 +166,7 @@ func RecoverStaleDirs(rootDir string) error {
// Note: The caller MUST ensure that returned TempDir instance is cleaned up with .Cleanup().
func NewTempDir(rootDir string) (*TempDir, error) {
if err := os.MkdirAll(rootDir, 0o700); err != nil {
- return nil, fmt.Errorf("creating root temp directory %s failed: %w", rootDir, err)
+ return nil, fmt.Errorf("creating root temp directory failed: %w", err)
}
td := &TempDir{
@@ -172,7 +174,7 @@ func NewTempDir(rootDir string) (*TempDir, error) {
}
tempDirLock, tempDirLockFileName, err := staging_lockfile.CreateAndLock(td.RootDir, tempdirLockPrefix)
if err != nil {
- return nil, fmt.Errorf("creating and locking temp dir instance lock in %s failed: %w", td.RootDir, err)
+ return nil, fmt.Errorf("creating and locking temp dir instance lock failed: %w", err)
}
td.tempDirLock = tempDirLock
td.tempDirLockPath = filepath.Join(td.RootDir, tempDirLockFileName)
@@ -181,7 +183,7 @@ func NewTempDir(rootDir string) (*TempDir, error) {
id := strings.TrimPrefix(tempDirLockFileName, tempdirLockPrefix)
actualTempDirPath := filepath.Join(td.RootDir, tempDirPrefix+id)
if err := os.MkdirAll(actualTempDirPath, 0o700); err != nil {
- return nil, fmt.Errorf("creating temp directory %s failed: %w", actualTempDirPath, err)
+ return nil, fmt.Errorf("creating temp directory failed: %w", err)
}
td.tempDirPath = actualTempDirPath
td.counter = 0
@@ -217,8 +219,8 @@ func (td *TempDir) Cleanup() error {
return nil
}
- if err := os.RemoveAll(td.tempDirPath); err != nil && !os.IsNotExist(err) {
- return fmt.Errorf("removing temp dir %s failed: %w", td.tempDirPath, err)
+ if err := system.EnsureRemoveAll(td.tempDirPath); err != nil {
+ return fmt.Errorf("removing temp dir failed: %w", err)
}
lock := td.tempDirLock
diff --git a/vendor/go.podman.io/storage/layers.go b/vendor/go.podman.io/storage/layers.go
index c6752927e3..64d3f5c72c 100644
--- a/vendor/go.podman.io/storage/layers.go
+++ b/vendor/go.podman.io/storage/layers.go
@@ -2694,5 +2694,5 @@ func closeAll(closes ...func() error) (rErr error) {
rErr = fmt.Errorf("%v: %w", err, rErr)
}
}
- return
+ return rErr
}
diff --git a/vendor/go.podman.io/storage/pkg/archive/archive.go b/vendor/go.podman.io/storage/pkg/archive/archive.go
index 5f8647af7c..5cdd751307 100644
--- a/vendor/go.podman.io/storage/pkg/archive/archive.go
+++ b/vendor/go.podman.io/storage/pkg/archive/archive.go
@@ -417,9 +417,7 @@ func FileInfoHeader(name string, fi os.FileInfo, link string) (*tar.Header, erro
return nil, fmt.Errorf("tar: cannot canonicalize path: %w", err)
}
hdr.Name = name
- if err := setHeaderForSpecialDevice(hdr, name, fi.Sys()); err != nil {
- return nil, err
- }
+ setHeaderForSpecialDevice(hdr, name, fi.Sys())
return hdr, nil
}
diff --git a/vendor/go.podman.io/storage/pkg/archive/archive_linux.go b/vendor/go.podman.io/storage/pkg/archive/archive_linux.go
index fd7123babc..4613ee32f7 100644
--- a/vendor/go.podman.io/storage/pkg/archive/archive_linux.go
+++ b/vendor/go.podman.io/storage/pkg/archive/archive_linux.go
@@ -30,7 +30,7 @@ type overlayWhiteoutConverter struct {
rolayers []string
}
-func (o overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi os.FileInfo) (wo *tar.Header, err error) {
+func (o overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi os.FileInfo) (*tar.Header, error) {
// convert whiteouts to AUFS format
if fi.Mode()&os.ModeCharDevice != 0 && hdr.Devmajor == 0 && hdr.Devminor == 0 {
// we just rename the file and make it normal
@@ -73,7 +73,7 @@ func (o overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi
// add a whiteout for this item in this layer.
// create a header for the whiteout file
// it should inherit some properties from the parent, but be a regular file
- wo = &tar.Header{
+ wo := &tar.Header{
Typeflag: tar.TypeReg,
Mode: hdr.Mode & int64(os.ModePerm),
Name: filepath.Join(hdr.Name, WhiteoutOpaqueDir),
@@ -85,7 +85,7 @@ func (o overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi
AccessTime: hdr.AccessTime,
ChangeTime: hdr.ChangeTime,
}
- break
+ return wo, nil
}
for dir := filepath.Dir(hdr.Name); dir != "" && dir != "." && dir != string(os.PathSeparator); dir = filepath.Dir(dir) {
// Check for whiteout for a parent directory in a parent layer.
@@ -109,7 +109,7 @@ func (o overlayWhiteoutConverter) ConvertWrite(hdr *tar.Header, path string, fi
}
}
- return
+ return nil, nil
}
func (overlayWhiteoutConverter) ConvertReadWithHandler(hdr *tar.Header, path string, handler TarWhiteoutHandler) (bool, error) {
diff --git a/vendor/go.podman.io/storage/pkg/archive/archive_other.go b/vendor/go.podman.io/storage/pkg/archive/archive_other.go
index b342ff75ee..f7c7352fd3 100644
--- a/vendor/go.podman.io/storage/pkg/archive/archive_other.go
+++ b/vendor/go.podman.io/storage/pkg/archive/archive_other.go
@@ -2,7 +2,7 @@
package archive
-func GetWhiteoutConverter(format WhiteoutFormat, data interface{}) TarWhiteoutConverter {
+func GetWhiteoutConverter(format WhiteoutFormat, data any) TarWhiteoutConverter {
return nil
}
diff --git a/vendor/go.podman.io/storage/pkg/archive/archive_unix.go b/vendor/go.podman.io/storage/pkg/archive/archive_unix.go
index 2d9d68de2c..b09b064435 100644
--- a/vendor/go.podman.io/storage/pkg/archive/archive_unix.go
+++ b/vendor/go.podman.io/storage/pkg/archive/archive_unix.go
@@ -32,8 +32,10 @@ func statUnix(fi os.FileInfo, hdr *tar.Header) error {
if s.Mode&unix.S_IFBLK != 0 ||
s.Mode&unix.S_IFCHR != 0 {
- hdr.Devmajor = int64(unix.Major(uint64(s.Rdev))) //nolint: unconvert
- hdr.Devminor = int64(unix.Minor(uint64(s.Rdev))) //nolint: unconvert
+ // _nolint_: Whether this conversion is required is hardware- and OS-dependent: the value might be uint64 on Linux, int32 on macOS.
+ // So, this might trigger either "uncovert" (if the conversion is unnecessary) or "nolintlint" (if it is required)
+ hdr.Devmajor = int64(unix.Major(uint64(s.Rdev))) //nolint:unconvert,nolintlint
+ hdr.Devminor = int64(unix.Minor(uint64(s.Rdev))) //nolint:unconvert,nolintlint
}
return nil
@@ -67,19 +69,19 @@ func chmodTarEntry(perm os.FileMode) os.FileMode {
return perm // noop for unix as golang APIs provide perm bits correctly
}
-func setHeaderForSpecialDevice(hdr *tar.Header, name string, stat any) (err error) {
+func setHeaderForSpecialDevice(hdr *tar.Header, name string, stat any) {
s, ok := stat.(*syscall.Stat_t)
if ok {
// Currently go does not fill in the major/minors
if s.Mode&unix.S_IFBLK != 0 ||
s.Mode&unix.S_IFCHR != 0 {
- hdr.Devmajor = int64(major(uint64(s.Rdev))) //nolint: unconvert
- hdr.Devminor = int64(minor(uint64(s.Rdev))) //nolint: unconvert
+ // _nolint_: Whether this conversion is required is hardware- and OS-dependent: the value might be uint64 on Linux, int32 on macOS.
+ // So, this might trigger either "uncovert" (if the conversion is unnecessary) or "nolintlint" (if it is required)
+ hdr.Devmajor = int64(major(uint64(s.Rdev))) //nolint: unconvert,nolintlint
+ hdr.Devminor = int64(minor(uint64(s.Rdev))) //nolint: unconvert,nolintlint
}
}
-
- return
}
func getInodeFromStat(stat any) (inode uint64) {
@@ -89,7 +91,7 @@ func getInodeFromStat(stat any) (inode uint64) {
inode = s.Ino
}
- return
+ return inode
}
func getFileUIDGID(stat any) (idtools.IDPair, error) {
diff --git a/vendor/go.podman.io/storage/pkg/archive/archive_windows.go b/vendor/go.podman.io/storage/pkg/archive/archive_windows.go
index 1183f4a282..2c84e9ea54 100644
--- a/vendor/go.podman.io/storage/pkg/archive/archive_windows.go
+++ b/vendor/go.podman.io/storage/pkg/archive/archive_windows.go
@@ -52,14 +52,13 @@ func chmodTarEntry(perm os.FileMode) os.FileMode {
return noPermPart | permPart
}
-func setHeaderForSpecialDevice(hdr *tar.Header, name string, stat interface{}) (err error) {
+func setHeaderForSpecialDevice(hdr *tar.Header, name string, stat interface{}) {
// do nothing. no notion of Rdev, Nlink in stat on Windows
- return
}
-func getInodeFromStat(stat interface{}) (inode uint64) {
+func getInodeFromStat(stat interface{}) uint64 {
// do nothing. no notion of Inode in stat on Windows
- return
+ return 0
}
// handleTarTypeBlockCharFifo is an OS-specific helper function used by
diff --git a/vendor/go.podman.io/storage/pkg/archive/changes.go b/vendor/go.podman.io/storage/pkg/archive/changes.go
index 051ab69528..a60c20dd36 100644
--- a/vendor/go.podman.io/storage/pkg/archive/changes.go
+++ b/vendor/go.podman.io/storage/pkg/archive/changes.go
@@ -86,12 +86,12 @@ func Changes(layers []string, rw string) ([]Change, error) {
return changes(layers, rw, aufsDeletedFile, aufsMetadataSkip, aufsWhiteoutPresent)
}
-func aufsMetadataSkip(path string) (skip bool, err error) {
- skip, err = filepath.Match(string(os.PathSeparator)+WhiteoutMetaPrefix+"*", path)
+func aufsMetadataSkip(path string) (bool, error) {
+ skip, err := filepath.Match(string(os.PathSeparator)+WhiteoutMetaPrefix+"*", path)
if err != nil {
skip = true
}
- return
+ return skip, err
}
func aufsDeletedFile(root, path string, fi os.FileInfo) (string, error) {
@@ -281,8 +281,7 @@ func (info *FileInfo) LookUp(path string) *FileInfo {
return info
}
- pathElements := strings.Split(path, string(os.PathSeparator))
- for _, elem := range pathElements {
+ for elem := range strings.SplitSeq(path, string(os.PathSeparator)) {
if elem != "" {
child := parent.children[elem]
if child == nil {
diff --git a/vendor/go.podman.io/storage/pkg/archive/changes_windows.go b/vendor/go.podman.io/storage/pkg/archive/changes_windows.go
index 947ec2d224..997ee574e2 100644
--- a/vendor/go.podman.io/storage/pkg/archive/changes_windows.go
+++ b/vendor/go.podman.io/storage/pkg/archive/changes_windows.go
@@ -20,8 +20,8 @@ func (info *FileInfo) isDir() bool {
return info.parent == nil || info.stat.Mode().IsDir()
}
-func getIno(fi os.FileInfo) (inode uint64) {
- return
+func getIno(fi os.FileInfo) uint64 {
+ return 0
}
func hasHardlinks(fi os.FileInfo) bool {
diff --git a/vendor/go.podman.io/storage/pkg/archive/copy.go b/vendor/go.podman.io/storage/pkg/archive/copy.go
index 308f132d58..3f91c72b99 100644
--- a/vendor/go.podman.io/storage/pkg/archive/copy.go
+++ b/vendor/go.podman.io/storage/pkg/archive/copy.go
@@ -93,13 +93,13 @@ func TarResource(sourceInfo CopyInfo) (content io.ReadCloser, err error) {
// TarResourceRebase is like TarResource but renames the first path element of
// items in the resulting tar archive to match the given rebaseName if not "".
-func TarResourceRebase(sourcePath, rebaseName string) (content io.ReadCloser, err error) {
+func TarResourceRebase(sourcePath, rebaseName string) (io.ReadCloser, error) {
sourcePath = normalizePath(sourcePath)
- if err = fileutils.Lexists(sourcePath); err != nil {
+ if err := fileutils.Lexists(sourcePath); err != nil {
// Catches the case where the source does not exist or is not a
// directory if asserted to be a directory, as this also causes an
// error.
- return
+ return nil, err
}
// Separate the source path between its directory and
@@ -411,7 +411,7 @@ func ResolveHostSourcePath(path string, followLink bool) (resolvedPath, rebaseNa
if followLink {
resolvedPath, err = filepath.EvalSymlinks(path)
if err != nil {
- return
+ return "", "", err
}
resolvedPath, rebaseName = GetRebaseName(path, resolvedPath)
@@ -422,7 +422,7 @@ func ResolveHostSourcePath(path string, followLink bool) (resolvedPath, rebaseNa
var resolvedDirPath string
resolvedDirPath, err = filepath.EvalSymlinks(dirPath)
if err != nil {
- return
+ return "", "", err
}
// resolvedDirPath will have been cleaned (no trailing path separators) so
// we can manually join it with the base path element.
diff --git a/vendor/go.podman.io/storage/pkg/archive/fflags_bsd.go b/vendor/go.podman.io/storage/pkg/archive/fflags_bsd.go
index 829c95ef14..7584b14ce5 100644
--- a/vendor/go.podman.io/storage/pkg/archive/fflags_bsd.go
+++ b/vendor/go.podman.io/storage/pkg/archive/fflags_bsd.go
@@ -77,7 +77,7 @@ var (
func parseFileFlags(fflags string) (uint32, uint32, error) {
var set, clear uint32 = 0, 0
- for _, fflag := range strings.Split(fflags, ",") {
+ for fflag := range strings.SplitSeq(fflags, ",") {
isClear := false
if clean, ok := strings.CutPrefix(fflag, "no"); ok {
isClear = true
diff --git a/vendor/go.podman.io/storage/pkg/archive/time_linux.go b/vendor/go.podman.io/storage/pkg/archive/time_linux.go
index 3448569b1e..a5233c09f6 100644
--- a/vendor/go.podman.io/storage/pkg/archive/time_linux.go
+++ b/vendor/go.podman.io/storage/pkg/archive/time_linux.go
@@ -10,7 +10,7 @@ func timeToTimespec(time time.Time) (ts syscall.Timespec) {
// Return UTIME_OMIT special value
ts.Sec = 0
ts.Nsec = ((1 << 30) - 2)
- return
+ return ts
}
return syscall.NsecToTimespec(time.UnixNano())
}
diff --git a/vendor/go.podman.io/storage/pkg/archive/wrap.go b/vendor/go.podman.io/storage/pkg/archive/wrap.go
index 903befd763..f8a97254ee 100644
--- a/vendor/go.podman.io/storage/pkg/archive/wrap.go
+++ b/vendor/go.podman.io/storage/pkg/archive/wrap.go
@@ -45,8 +45,8 @@ func Generate(input ...string) (io.Reader, error) {
return buf, nil
}
-func parseStringPairs(input ...string) (output [][2]string) {
- output = make([][2]string, 0, len(input)/2+1)
+func parseStringPairs(input ...string) [][2]string {
+ output := make([][2]string, 0, len(input)/2+1)
for i := 0; i < len(input); i += 2 {
var pair [2]string
pair[0] = input[i]
@@ -55,5 +55,5 @@ func parseStringPairs(input ...string) (output [][2]string) {
}
output = append(output, pair)
}
- return
+ return output
}
diff --git a/vendor/go.podman.io/storage/pkg/chunked/compressor/compressor.go b/vendor/go.podman.io/storage/pkg/chunked/compressor/compressor.go
index 23bcbda519..ef26a812ba 100644
--- a/vendor/go.podman.io/storage/pkg/chunked/compressor/compressor.go
+++ b/vendor/go.podman.io/storage/pkg/chunked/compressor/compressor.go
@@ -173,7 +173,7 @@ func (rc *rollingChecksumReader) Read(b []byte) (bool, int, error) {
return false, -1, err
}
if holeLen > 0 {
- for j := int64(0); j < holeLen; j++ {
+ for range holeLen {
rc.rollsum.Roll(0)
}
rc.pendingHole = holeLen
diff --git a/vendor/go.podman.io/storage/pkg/chunked/filesystem_linux.go b/vendor/go.podman.io/storage/pkg/chunked/filesystem_linux.go
index 3f8311bffc..ceba7d0f3d 100644
--- a/vendor/go.podman.io/storage/pkg/chunked/filesystem_linux.go
+++ b/vendor/go.podman.io/storage/pkg/chunked/filesystem_linux.go
@@ -150,7 +150,7 @@ func timeToTimespec(time *time.Time) (ts unix.Timespec) {
// Return UTIME_OMIT special value
ts.Sec = 0
ts.Nsec = ((1 << 30) - 2)
- return
+ return ts
}
return unix.NsecToTimespec(time.UnixNano())
}
diff --git a/vendor/go.podman.io/storage/pkg/chunked/internal/minimal/compression.go b/vendor/go.podman.io/storage/pkg/chunked/internal/minimal/compression.go
index 256365759c..c3fcf71a74 100644
--- a/vendor/go.podman.io/storage/pkg/chunked/internal/minimal/compression.go
+++ b/vendor/go.podman.io/storage/pkg/chunked/internal/minimal/compression.go
@@ -146,7 +146,9 @@ const (
// TarSplitChecksumKey is no longer used and is replaced by the TOC.TarSplitDigest field instead.
// The value is retained here as a constant as a historical reference for older zstd:chunked images.
- // TarSplitChecksumKey = "io.github.containers.zstd-chunked.tarsplit-checksum"
+ //
+ // Deprecated: This field should never be relied on - use the digest in the TOC instead.
+ TarSplitChecksumKey = "io.github.containers.zstd-chunked.tarsplit-checksum"
// ManifestTypeCRFS is a manifest file compatible with the CRFS TOC file.
ManifestTypeCRFS = 1
diff --git a/vendor/go.podman.io/storage/pkg/chunked/storage_linux.go b/vendor/go.podman.io/storage/pkg/chunked/storage_linux.go
index e6e3c9c6d1..23baef9a45 100644
--- a/vendor/go.podman.io/storage/pkg/chunked/storage_linux.go
+++ b/vendor/go.podman.io/storage/pkg/chunked/storage_linux.go
@@ -1277,7 +1277,7 @@ func ensureAllBlobsDone(streamsOrErrors chan streamOrErr) (retErr error) {
retErr = soe.err
}
}
- return
+ return retErr
}
// getBlobAtConverterGoroutine reads from the streams and errs channels, then sends
diff --git a/vendor/go.podman.io/storage/pkg/chunked/toc/toc.go b/vendor/go.podman.io/storage/pkg/chunked/toc/toc.go
index 7059b5406d..fafa40e607 100644
--- a/vendor/go.podman.io/storage/pkg/chunked/toc/toc.go
+++ b/vendor/go.podman.io/storage/pkg/chunked/toc/toc.go
@@ -7,6 +7,20 @@ import (
"go.podman.io/storage/pkg/chunked/internal/minimal"
)
+// ChunkedAnnotations contains various annotations that might be set or used by the pkg/chunked-supported
+// compression formats.
+//
+// This set does not define their semantics in detail as a public API.
+// The _only_ intended use of this set is: code that _changes_ layer compression to a format
+// which is not chunked can/should remove these annotations.
+var ChunkedAnnotations = map[string]struct{}{
+ minimal.ManifestChecksumKey: {},
+ minimal.ManifestInfoKey: {},
+ minimal.TarSplitInfoKey: {},
+ minimal.TarSplitChecksumKey: {}, //nolint:staticcheck // The field is deprecated, so removing it when changing compressionn is all the more desirable.
+ tocJSONDigestAnnotation: {},
+}
+
// tocJSONDigestAnnotation is the annotation key for the digest of the estargz
// TOC JSON.
// It is defined in github.com/containerd/stargz-snapshotter/estargz as TOCJSONDigestAnnotation
diff --git a/vendor/go.podman.io/storage/pkg/config/config.go b/vendor/go.podman.io/storage/pkg/config/config.go
index 560df3cf5e..bf350c43cc 100644
--- a/vendor/go.podman.io/storage/pkg/config/config.go
+++ b/vendor/go.podman.io/storage/pkg/config/config.go
@@ -5,11 +5,6 @@ import (
"os"
)
-type AufsOptionsConfig struct {
- // MountOpt specifies extra mount options used when mounting
- MountOpt string `toml:"mountopt,omitempty"`
-}
-
type BtrfsOptionsConfig struct {
// MinSpace is the minimal spaces allocated to the device
MinSpace string `toml:"min_space,omitempty"`
@@ -98,9 +93,6 @@ type OptionsConfig struct {
// created automatically.
AutoUsernsMaxSize uint32 `toml:"auto-userns-max-size,omitempty"`
- // Aufs container options to be handed to aufs drivers
- Aufs struct{ AufsOptionsConfig } `toml:"aufs,omitempty"`
-
// Btrfs container options to be handed to btrfs drivers
Btrfs struct{ BtrfsOptionsConfig } `toml:"btrfs,omitempty"`
@@ -137,13 +129,6 @@ type OptionsConfig struct {
func GetGraphDriverOptions(driverName string, options OptionsConfig) []string {
var doptions []string
switch driverName {
- case "aufs":
- if options.Aufs.MountOpt != "" {
- return append(doptions, fmt.Sprintf("%s.mountopt=%s", driverName, options.Aufs.MountOpt))
- } else if options.MountOpt != "" {
- doptions = append(doptions, fmt.Sprintf("%s.mountopt=%s", driverName, options.MountOpt))
- }
-
case "btrfs":
if options.Btrfs.MinSpace != "" {
return append(doptions, fmt.Sprintf("%s.min_space=%s", driverName, options.Btrfs.MinSpace))
diff --git a/vendor/go.podman.io/storage/pkg/directory/directory_unix.go b/vendor/go.podman.io/storage/pkg/directory/directory_unix.go
index 9855abd13e..8f0a373911 100644
--- a/vendor/go.podman.io/storage/pkg/directory/directory_unix.go
+++ b/vendor/go.podman.io/storage/pkg/directory/directory_unix.go
@@ -19,10 +19,10 @@ func Size(dir string) (size int64, err error) {
}
// Usage walks a directory tree and returns its total size in bytes and the number of inodes.
-func Usage(dir string) (usage *DiskUsage, err error) {
- usage = &DiskUsage{}
+func Usage(dir string) (*DiskUsage, error) {
+ usage := &DiskUsage{}
data := make(map[uint64]struct{})
- err = filepath.WalkDir(dir, func(d string, entry fs.DirEntry, err error) error {
+ err := filepath.WalkDir(dir, func(d string, entry fs.DirEntry, err error) error {
if err != nil {
// if dir does not exist, Usage() returns the error.
// if dir/x disappeared while walking, Usage() ignores dir/x.
@@ -58,5 +58,5 @@ func Usage(dir string) (usage *DiskUsage, err error) {
})
// inode count is the number of unique inode numbers we saw
usage.InodeCount = int64(len(data))
- return
+ return usage, err
}
diff --git a/vendor/go.podman.io/storage/pkg/directory/directory_windows.go b/vendor/go.podman.io/storage/pkg/directory/directory_windows.go
index c2145c26fc..6acedcc8ce 100644
--- a/vendor/go.podman.io/storage/pkg/directory/directory_windows.go
+++ b/vendor/go.podman.io/storage/pkg/directory/directory_windows.go
@@ -18,9 +18,9 @@ func Size(dir string) (size int64, err error) {
}
// Usage walks a directory tree and returns its total size in bytes and the number of inodes.
-func Usage(dir string) (usage *DiskUsage, err error) {
- usage = &DiskUsage{}
- err = filepath.WalkDir(dir, func(path string, d fs.DirEntry, err error) error {
+func Usage(dir string) (*DiskUsage, error) {
+ usage := &DiskUsage{}
+ err := filepath.WalkDir(dir, func(path string, d fs.DirEntry, err error) error {
if err != nil {
// if dir does not exist, Size() returns the error.
// if dir/x disappeared while walking, Size() ignores dir/x.
@@ -48,5 +48,5 @@ func Usage(dir string) (usage *DiskUsage, err error) {
return nil
})
- return
+ return usage, err
}
diff --git a/vendor/go.podman.io/storage/pkg/fileutils/fileutils.go b/vendor/go.podman.io/storage/pkg/fileutils/fileutils.go
index 85ce2d5260..434979825c 100644
--- a/vendor/go.podman.io/storage/pkg/fileutils/fileutils.go
+++ b/vendor/go.podman.io/storage/pkg/fileutils/fileutils.go
@@ -51,7 +51,6 @@ func NewPatternMatcher(patterns []string) (*PatternMatcher, error) {
return nil, err
}
newp.cleanedPattern = p
- newp.dirs = strings.Split(p, string(os.PathSeparator))
pm.patterns = append(pm.patterns, newp)
}
return pm, nil
@@ -168,7 +167,6 @@ func (pm *PatternMatcher) Patterns() []*Pattern {
// Pattern defines a single regexp used to filter file paths.
type Pattern struct {
cleanedPattern string
- dirs []string
regexp *regexp.Regexp
exclusion bool
}
diff --git a/vendor/go.podman.io/storage/pkg/idtools/idtools_unix.go b/vendor/go.podman.io/storage/pkg/idtools/idtools_unix.go
index 817b59aed1..e7c2643676 100644
--- a/vendor/go.podman.io/storage/pkg/idtools/idtools_unix.go
+++ b/vendor/go.podman.io/storage/pkg/idtools/idtools_unix.go
@@ -8,7 +8,6 @@ import (
"io"
"os"
"path/filepath"
- "strings"
"sync"
"syscall"
@@ -112,7 +111,7 @@ func LookupUser(username string) (user.User, error) {
return usr, nil
}
// local files lookup failed; attempt to call `getent` to query configured passwd dbs
- usr, err = getentUser(fmt.Sprintf("%s %s", "passwd", username))
+ usr, err = getentUser(username)
if err != nil {
return user.User{}, err
}
@@ -128,11 +127,11 @@ func LookupUID(uid int) (user.User, error) {
return usr, nil
}
// local files lookup failed; attempt to call `getent` to query configured passwd dbs
- return getentUser(fmt.Sprintf("%s %d", "passwd", uid))
+ return getentUser(fmt.Sprintf("%d", uid))
}
-func getentUser(args string) (user.User, error) {
- reader, err := callGetent(args)
+func getentUser(key string) (user.User, error) {
+ reader, err := callGetent("passwd", key)
if err != nil {
return user.User{}, err
}
@@ -141,7 +140,7 @@ func getentUser(args string) (user.User, error) {
return user.User{}, err
}
if len(users) == 0 {
- return user.User{}, fmt.Errorf("getent failed to find passwd entry for %q", strings.Split(args, " ")[1])
+ return user.User{}, fmt.Errorf("getent failed to find passwd entry for %q", key)
}
return users[0], nil
}
@@ -155,7 +154,7 @@ func LookupGroup(groupname string) (user.Group, error) {
return group, nil
}
// local files lookup failed; attempt to call `getent` to query configured group dbs
- return getentGroup(fmt.Sprintf("%s %s", "group", groupname))
+ return getentGroup(groupname)
}
// LookupGID uses traditional local system files lookup (from libcontainer/user) on a group ID,
@@ -167,11 +166,11 @@ func LookupGID(gid int) (user.Group, error) {
return group, nil
}
// local files lookup failed; attempt to call `getent` to query configured group dbs
- return getentGroup(fmt.Sprintf("%s %d", "group", gid))
+ return getentGroup(fmt.Sprintf("%d", gid))
}
-func getentGroup(args string) (user.Group, error) {
- reader, err := callGetent(args)
+func getentGroup(key string) (user.Group, error) {
+ reader, err := callGetent("group", key)
if err != nil {
return user.Group{}, err
}
@@ -180,18 +179,18 @@ func getentGroup(args string) (user.Group, error) {
return user.Group{}, err
}
if len(groups) == 0 {
- return user.Group{}, fmt.Errorf("getent failed to find groups entry for %q", strings.Split(args, " ")[1])
+ return user.Group{}, fmt.Errorf("getent failed to find groups entry for %q", key)
}
return groups[0], nil
}
-func callGetent(args string) (io.Reader, error) {
+func callGetent(db, key string) (io.Reader, error) {
entOnce.Do(func() { getentCmd, _ = resolveBinary("getent") })
// if no `getent` command on host, can't do anything else
if getentCmd == "" {
return nil, fmt.Errorf("")
}
- out, err := execCmd(getentCmd, args)
+ out, err := execCmd(getentCmd, db, key)
if err != nil {
exitCode, errC := system.GetExitCode(err)
if errC != nil {
@@ -201,8 +200,7 @@ func callGetent(args string) (io.Reader, error) {
case 1:
return nil, fmt.Errorf("getent reported invalid parameters/database unknown")
case 2:
- terms := strings.Split(args, " ")
- return nil, fmt.Errorf("getent unable to find entry %q in %s database", terms[1], terms[0])
+ return nil, fmt.Errorf("getent unable to find entry %q in %s database", key, db)
case 3:
return nil, fmt.Errorf("getent database doesn't support enumeration")
default:
diff --git a/vendor/go.podman.io/storage/pkg/idtools/usergroupadd_linux.go b/vendor/go.podman.io/storage/pkg/idtools/usergroupadd_linux.go
index d2ff4466c1..ee80ce6a78 100644
--- a/vendor/go.podman.io/storage/pkg/idtools/usergroupadd_linux.go
+++ b/vendor/go.podman.io/storage/pkg/idtools/usergroupadd_linux.go
@@ -2,6 +2,7 @@ package idtools
import (
"fmt"
+ "slices"
"sort"
"strconv"
"strings"
@@ -17,19 +18,12 @@ import (
var (
once sync.Once
- userCommand string
-
- cmdTemplates = map[string]string{
- "adduser": "--system --shell /bin/false --no-create-home --disabled-login --disabled-password --group %s",
- "useradd": "-r -s /bin/false %s",
- "usermod": "-%s %d-%d %s",
- }
+ userCommand []string // command, args…, to be finished by adding an user name
idOutRegexp = regexp.Delayed(`uid=([0-9]+).*gid=([0-9]+)`)
// default length for a UID/GID subordinate range
defaultRangeLen = 65536
defaultRangeStart = 100000
- userMod = "usermod"
)
// AddNamespaceRangesUser takes a username and uses the standard system
@@ -72,16 +66,16 @@ func addUser(userName string) error {
once.Do(func() {
// set up which commands are used for adding users/groups dependent on distro
if _, err := resolveBinary("adduser"); err == nil {
- userCommand = "adduser"
+ userCommand = []string{"adduser", "--system", "--shell", "/bin/false", "--no-create-home", "--disabled-login", "--disabled-password", "--group"}
} else if _, err := resolveBinary("useradd"); err == nil {
- userCommand = "useradd"
+ userCommand = []string{"useradd", "-r", "-s", "/bin/false"}
}
})
- if userCommand == "" {
+ if userCommand == nil {
return fmt.Errorf("cannot add user; no useradd/adduser binary found")
}
- args := fmt.Sprintf(cmdTemplates[userCommand], userName)
- out, err := execCmd(userCommand, args)
+ args := append(slices.Clone(userCommand), userName)
+ out, err := execCmd(args[0], args[1:]...)
if err != nil {
return fmt.Errorf("failed to add user with error: %w; output: %q", err, string(out))
}
@@ -101,7 +95,7 @@ func createSubordinateRanges(name string) error {
if err != nil {
return fmt.Errorf("can't find available subuid range: %w", err)
}
- out, err := execCmd(userMod, fmt.Sprintf(cmdTemplates[userMod], "v", startID, startID+defaultRangeLen-1, name))
+ out, err := execCmd("usermod", "-v", fmt.Sprintf("%d-%d", startID, startID+defaultRangeLen-1), name)
if err != nil {
return fmt.Errorf("unable to add subuid range to user: %q; output: %s, err: %w", name, out, err)
}
@@ -117,7 +111,7 @@ func createSubordinateRanges(name string) error {
if err != nil {
return fmt.Errorf("can't find available subgid range: %w", err)
}
- out, err := execCmd(userMod, fmt.Sprintf(cmdTemplates[userMod], "w", startID, startID+defaultRangeLen-1, name))
+ out, err := execCmd("usermod", "-w", fmt.Sprintf("%d-%d", startID, startID+defaultRangeLen-1), name)
if err != nil {
return fmt.Errorf("unable to add subgid range to user: %q; output: %s, err: %w", name, out, err)
}
diff --git a/vendor/go.podman.io/storage/pkg/idtools/utils_unix.go b/vendor/go.podman.io/storage/pkg/idtools/utils_unix.go
index f34462a23a..10606fba8a 100644
--- a/vendor/go.podman.io/storage/pkg/idtools/utils_unix.go
+++ b/vendor/go.podman.io/storage/pkg/idtools/utils_unix.go
@@ -6,7 +6,6 @@ import (
"fmt"
"os/exec"
"path/filepath"
- "strings"
)
func resolveBinary(binname string) (string, error) {
@@ -26,7 +25,7 @@ func resolveBinary(binname string) (string, error) {
return "", fmt.Errorf("binary %q does not resolve to a binary of that name in $PATH (%q)", binname, resolvedPath)
}
-func execCmd(cmd, args string) ([]byte, error) {
- execCmd := exec.Command(cmd, strings.Split(args, " ")...)
+func execCmd(cmd string, args ...string) ([]byte, error) {
+ execCmd := exec.Command(cmd, args...)
return execCmd.CombinedOutput()
}
diff --git a/vendor/go.podman.io/storage/pkg/ioutils/bytespipe.go b/vendor/go.podman.io/storage/pkg/ioutils/bytespipe.go
index cf60580359..47ab345072 100644
--- a/vendor/go.podman.io/storage/pkg/ioutils/bytespipe.go
+++ b/vendor/go.podman.io/storage/pkg/ioutils/bytespipe.go
@@ -121,7 +121,8 @@ func (bp *BytesPipe) Close() error {
// Read reads bytes from BytesPipe.
// Data could be read only once.
-func (bp *BytesPipe) Read(p []byte) (n int, err error) {
+func (bp *BytesPipe) Read(p []byte) (int, error) {
+ var n int
bp.mu.Lock()
if bp.bufLen == 0 {
if bp.closeErr != nil {
@@ -158,7 +159,7 @@ func (bp *BytesPipe) Read(p []byte) (n int, err error) {
bp.wait.Broadcast()
bp.mu.Unlock()
- return
+ return n, nil
}
func returnBuffer(b *fixedBuffer) {
diff --git a/vendor/go.podman.io/storage/pkg/ioutils/readers.go b/vendor/go.podman.io/storage/pkg/ioutils/readers.go
index 146e1a5ff0..aed1cb0331 100644
--- a/vendor/go.podman.io/storage/pkg/ioutils/readers.go
+++ b/vendor/go.podman.io/storage/pkg/ioutils/readers.go
@@ -83,7 +83,7 @@ func (r *OnEOFReader) Read(p []byte) (n int, err error) {
if err == io.EOF {
r.runFunc()
}
- return
+ return n, err
}
// Close closes the file and run the function.
diff --git a/vendor/go.podman.io/storage/pkg/ioutils/writers.go b/vendor/go.podman.io/storage/pkg/ioutils/writers.go
index 0b6d0a7a6d..2a8007e446 100644
--- a/vendor/go.podman.io/storage/pkg/ioutils/writers.go
+++ b/vendor/go.podman.io/storage/pkg/ioutils/writers.go
@@ -59,8 +59,8 @@ func NewWriteCounter(w io.Writer) *WriteCounter {
}
}
-func (wc *WriteCounter) Write(p []byte) (count int, err error) {
- count, err = wc.Writer.Write(p)
+func (wc *WriteCounter) Write(p []byte) (int, error) {
+ count, err := wc.Writer.Write(p)
wc.Count += int64(count)
- return
+ return count, err
}
diff --git a/vendor/go.podman.io/storage/pkg/locker/README.md b/vendor/go.podman.io/storage/pkg/locker/README.md
deleted file mode 100644
index ad15e89af1..0000000000
--- a/vendor/go.podman.io/storage/pkg/locker/README.md
+++ /dev/null
@@ -1,65 +0,0 @@
-Locker
-=====
-
-locker provides a mechanism for creating finer-grained locking to help
-free up more global locks to handle other tasks.
-
-The implementation looks close to a sync.Mutex, however, the user must provide a
-reference to use to refer to the underlying lock when locking and unlocking,
-and unlock may generate an error.
-
-If a lock with a given name does not exist when `Lock` is called, one is
-created.
-Lock references are automatically cleaned up on `Unlock` if nothing else is
-waiting for the lock.
-
-
-## Usage
-
-```go
-package important
-
-import (
- "sync"
- "time"
-
- "github.com/containers/storage/pkg/locker"
-)
-
-type important struct {
- locks *locker.Locker
- data map[string]interface{}
- mu sync.Mutex
-}
-
-func (i *important) Get(name string) interface{} {
- i.locks.Lock(name)
- defer i.locks.Unlock(name)
- return data[name]
-}
-
-func (i *important) Create(name string, data interface{}) {
- i.locks.Lock(name)
- defer i.locks.Unlock(name)
-
- i.createImportant(data)
-
- s.mu.Lock()
- i.data[name] = data
- s.mu.Unlock()
-}
-
-func (i *important) createImportant(data interface{}) {
- time.Sleep(10 * time.Second)
-}
-```
-
-For functions dealing with a given name, always lock at the beginning of the
-function (or before doing anything with the underlying state), this ensures any
-other function that is dealing with the same name will block.
-
-When needing to modify the underlying data, use the global lock to ensure nothing
-else is modifying it at the same time.
-Since name lock is already in place, no reads will occur while the modification
-is being performed.
-
diff --git a/vendor/go.podman.io/storage/pkg/locker/locker.go b/vendor/go.podman.io/storage/pkg/locker/locker.go
deleted file mode 100644
index 0b22ddfab8..0000000000
--- a/vendor/go.podman.io/storage/pkg/locker/locker.go
+++ /dev/null
@@ -1,112 +0,0 @@
-/*
-Package locker provides a mechanism for creating finer-grained locking to help
-free up more global locks to handle other tasks.
-
-The implementation looks close to a sync.Mutex, however the user must provide a
-reference to use to refer to the underlying lock when locking and unlocking,
-and unlock may generate an error.
-
-If a lock with a given name does not exist when `Lock` is called, one is
-created.
-Lock references are automatically cleaned up on `Unlock` if nothing else is
-waiting for the lock.
-*/
-package locker
-
-import (
- "errors"
- "sync"
- "sync/atomic"
-)
-
-// ErrNoSuchLock is returned when the requested lock does not exist
-var ErrNoSuchLock = errors.New("no such lock")
-
-// Locker provides a locking mechanism based on the passed in reference name
-type Locker struct {
- mu sync.Mutex
- locks map[string]*lockCtr
-}
-
-// lockCtr is used by Locker to represent a lock with a given name.
-type lockCtr struct {
- mu sync.Mutex
- // waiters is the number of waiters waiting to acquire the lock
- // this is int32 instead of uint32 so we can add `-1` in `dec()`
- waiters int32
-}
-
-// inc increments the number of waiters waiting for the lock
-func (l *lockCtr) inc() {
- atomic.AddInt32(&l.waiters, 1)
-}
-
-// dec decrements the number of waiters waiting on the lock
-func (l *lockCtr) dec() {
- atomic.AddInt32(&l.waiters, -1)
-}
-
-// count gets the current number of waiters
-func (l *lockCtr) count() int32 {
- return atomic.LoadInt32(&l.waiters)
-}
-
-// Lock locks the mutex
-func (l *lockCtr) Lock() {
- l.mu.Lock()
-}
-
-// Unlock unlocks the mutex
-func (l *lockCtr) Unlock() {
- l.mu.Unlock()
-}
-
-// New creates a new Locker
-func New() *Locker {
- return &Locker{
- locks: make(map[string]*lockCtr),
- }
-}
-
-// Lock locks a mutex with the given name. If it doesn't exist, one is created
-func (l *Locker) Lock(name string) {
- l.mu.Lock()
- if l.locks == nil {
- l.locks = make(map[string]*lockCtr)
- }
-
- nameLock, exists := l.locks[name]
- if !exists {
- nameLock = &lockCtr{}
- l.locks[name] = nameLock
- }
-
- // increment the nameLock waiters while inside the main mutex
- // this makes sure that the lock isn't deleted if `Lock` and `Unlock` are called concurrently
- nameLock.inc()
- l.mu.Unlock()
-
- // Lock the nameLock outside the main mutex so we don't block other operations
- // once locked then we can decrement the number of waiters for this lock
- nameLock.Lock()
- nameLock.dec()
-}
-
-// Unlock unlocks the mutex with the given name
-// If the given lock is not being waited on by any other callers, it is deleted
-func (l *Locker) Unlock(name string) error {
- l.mu.Lock()
- nameLock, exists := l.locks[name]
- if !exists {
- l.mu.Unlock()
- return ErrNoSuchLock
- }
-
- if nameLock.count() == 0 {
- delete(l.locks, name)
- }
- nameLock.Unlock()
-
- l.mu.Unlock()
- return nil
-}
diff --git a/vendor/go.podman.io/storage/pkg/mount/flags.go b/vendor/go.podman.io/storage/pkg/mount/flags.go
index 40a229932b..9325e25977 100644
--- a/vendor/go.podman.io/storage/pkg/mount/flags.go
+++ b/vendor/go.podman.io/storage/pkg/mount/flags.go
@@ -119,7 +119,7 @@ func ParseOptions(options string) (int, string) {
data []string
)
- for _, o := range strings.Split(options, ",") {
+ for o := range strings.SplitSeq(options, ",") {
// If the option does not exist in the flags table or the flag
// is not supported on the platform,
// then it is a data value for a specific fs type
@@ -139,7 +139,7 @@ func ParseOptions(options string) (int, string) {
// ParseTmpfsOptions parse fstab type mount options into flags and data
func ParseTmpfsOptions(options string) (int, string, error) {
flags, data := ParseOptions(options)
- for _, o := range strings.Split(data, ",") {
+ for o := range strings.SplitSeq(data, ",") {
opt, _, _ := strings.Cut(o, "=")
if !validFlags[opt] {
return 0, "", fmt.Errorf("invalid tmpfs option %q", opt)
diff --git a/vendor/go.podman.io/storage/pkg/mount/mounter_freebsd.go b/vendor/go.podman.io/storage/pkg/mount/mounter_freebsd.go
index 61d6d1c595..1c99ff4618 100644
--- a/vendor/go.podman.io/storage/pkg/mount/mounter_freebsd.go
+++ b/vendor/go.podman.io/storage/pkg/mount/mounter_freebsd.go
@@ -33,8 +33,7 @@ func mount(device, target, mType string, flag uintptr, data string) error {
options := []string{"fspath", target}
if data != "" {
- xs := strings.Split(data, ",")
- for _, x := range xs {
+ for x := range strings.SplitSeq(data, ",") {
if x == "bind" {
isNullFS = true
continue
diff --git a/vendor/go.podman.io/storage/pkg/parsers/parsers.go b/vendor/go.podman.io/storage/pkg/parsers/parsers.go
index 7b20b06287..d87358e6e0 100644
--- a/vendor/go.podman.io/storage/pkg/parsers/parsers.go
+++ b/vendor/go.podman.io/storage/pkg/parsers/parsers.go
@@ -38,10 +38,9 @@ func ParseUintList(val string) (map[int]bool, error) {
}
availableInts := make(map[int]bool)
- split := strings.Split(val, ",")
errInvalidFormat := fmt.Errorf("invalid format: %s", val)
- for _, r := range split {
+ for r := range strings.SplitSeq(val, ",") {
minS, maxS, ok := strings.Cut(r, "-")
if !ok {
v, err := strconv.Atoi(r)
diff --git a/vendor/go.podman.io/storage/pkg/pools/pools.go b/vendor/go.podman.io/storage/pkg/pools/pools.go
index 78b729c2e3..1179d9b933 100644
--- a/vendor/go.podman.io/storage/pkg/pools/pools.go
+++ b/vendor/go.podman.io/storage/pkg/pools/pools.go
@@ -59,11 +59,11 @@ func (bufPool *BufioReaderPool) Put(b *bufio.Reader) {
}
// Copy is a convenience wrapper which uses a buffer to avoid allocation in io.Copy.
-func Copy(dst io.Writer, src io.Reader) (written int64, err error) {
+func Copy(dst io.Writer, src io.Reader) (int64, error) {
buf := BufioReader32KPool.Get(src)
- written, err = io.Copy(dst, buf)
+ written, err := io.Copy(dst, buf)
BufioReader32KPool.Put(buf)
- return
+ return written, err
}
// NewReadCloserWrapper returns a wrapper which puts the bufio.Reader back
diff --git a/vendor/go.podman.io/storage/pkg/system/exitcode.go b/vendor/go.podman.io/storage/pkg/system/exitcode.go
index 60f0514b1d..4d7b5c8805 100644
--- a/vendor/go.podman.io/storage/pkg/system/exitcode.go
+++ b/vendor/go.podman.io/storage/pkg/system/exitcode.go
@@ -29,5 +29,5 @@ func ProcessExitCode(err error) (exitCode int) {
exitCode = 127
}
}
- return
+ return exitCode
}
diff --git a/vendor/go.podman.io/storage/pkg/system/stat_netbsd.go b/vendor/go.podman.io/storage/pkg/system/stat_netbsd.go
index 715f05b938..57850a883f 100644
--- a/vendor/go.podman.io/storage/pkg/system/stat_netbsd.go
+++ b/vendor/go.podman.io/storage/pkg/system/stat_netbsd.go
@@ -4,10 +4,12 @@ import "syscall"
// fromStatT converts a syscall.Stat_t type to a system.Stat_t type
func fromStatT(s *syscall.Stat_t) (*StatT, error) {
- return &StatT{size: s.Size,
+ return &StatT{
+ size: s.Size,
mode: uint32(s.Mode),
uid: s.Uid,
gid: s.Gid,
rdev: uint64(s.Rdev),
- mtim: s.Mtimespec}, nil
+ mtim: s.Mtimespec,
+ }, nil
}
diff --git a/vendor/go.podman.io/storage/pkg/system/xattrs_darwin.go b/vendor/go.podman.io/storage/pkg/system/xattrs_darwin.go
index 27ada2083e..d574e9e61c 100644
--- a/vendor/go.podman.io/storage/pkg/system/xattrs_darwin.go
+++ b/vendor/go.podman.io/storage/pkg/system/xattrs_darwin.go
@@ -74,7 +74,7 @@ func Llistxattr(path string) ([]string, error) {
}
var attrs []string
- for _, token := range bytes.Split(dest[:sz], []byte{0}) {
+ for token := range bytes.SplitSeq(dest[:sz], []byte{0}) {
if len(token) > 0 {
attrs = append(attrs, string(token))
}
diff --git a/vendor/go.podman.io/storage/pkg/system/xattrs_freebsd.go b/vendor/go.podman.io/storage/pkg/system/xattrs_freebsd.go
index 5d653976e5..f62f5f7454 100644
--- a/vendor/go.podman.io/storage/pkg/system/xattrs_freebsd.go
+++ b/vendor/go.podman.io/storage/pkg/system/xattrs_freebsd.go
@@ -17,12 +17,10 @@ const (
EOVERFLOW unix.Errno = unix.EOVERFLOW
)
-var (
- namespaceMap = map[string]int{
- "user": EXTATTR_NAMESPACE_USER,
- "system": EXTATTR_NAMESPACE_SYSTEM,
- }
-)
+var namespaceMap = map[string]int{
+ "user": EXTATTR_NAMESPACE_USER,
+ "system": EXTATTR_NAMESPACE_SYSTEM,
+}
func xattrToExtattr(xattr string) (namespace int, extattr string, err error) {
namespaceName, extattr, found := strings.Cut(xattr, ".")
diff --git a/vendor/go.podman.io/storage/pkg/system/xattrs_linux.go b/vendor/go.podman.io/storage/pkg/system/xattrs_linux.go
index 12462cca33..3322707a43 100644
--- a/vendor/go.podman.io/storage/pkg/system/xattrs_linux.go
+++ b/vendor/go.podman.io/storage/pkg/system/xattrs_linux.go
@@ -77,7 +77,7 @@ func Llistxattr(path string) ([]string, error) {
}
var attrs []string
- for _, token := range bytes.Split(dest[:sz], []byte{0}) {
+ for token := range bytes.SplitSeq(dest[:sz], []byte{0}) {
if len(token) > 0 {
attrs = append(attrs, string(token))
}
diff --git a/vendor/go.podman.io/storage/pkg/truncindex/truncindex.go b/vendor/go.podman.io/storage/pkg/truncindex/truncindex.go
index c14a5cc4d2..9b60338aa9 100644
--- a/vendor/go.podman.io/storage/pkg/truncindex/truncindex.go
+++ b/vendor/go.podman.io/storage/pkg/truncindex/truncindex.go
@@ -43,8 +43,8 @@ type TruncIndex struct {
// NewTruncIndex creates a new TruncIndex and initializes with a list of IDs.
// Invalid IDs are _silently_ ignored.
-func NewTruncIndex(ids []string) (idx *TruncIndex) {
- idx = &TruncIndex{
+func NewTruncIndex(ids []string) *TruncIndex {
+ idx := &TruncIndex{
ids: make(map[string]struct{}),
// Change patricia max prefix per node length,
@@ -54,7 +54,7 @@ func NewTruncIndex(ids []string) (idx *TruncIndex) {
for _, id := range ids {
_ = idx.addID(id) // Ignore invalid IDs. Duplicate IDs are not a problem.
}
- return
+ return idx
}
func (idx *TruncIndex) addID(id string) error {
diff --git a/vendor/go.podman.io/storage/store.go b/vendor/go.podman.io/storage/store.go
index fa34f4eecc..84019a4947 100644
--- a/vendor/go.podman.io/storage/store.go
+++ b/vendor/go.podman.io/storage/store.go
@@ -3496,7 +3496,6 @@ func (s *store) ImagesByTopLayer(id string) ([]*Image, error) {
return struct{}{}, true, err
}
for _, image := range imageList {
- image := image
if image.TopLayer == layer.ID || stringutils.InSlice(image.MappedTopLayers, layer.ID) {
images = append(images, &image)
}
diff --git a/vendor/go.podman.io/storage/types/options.go b/vendor/go.podman.io/storage/types/options.go
index 2c2be5c22d..8af7c9c405 100644
--- a/vendor/go.podman.io/storage/types/options.go
+++ b/vendor/go.podman.io/storage/types/options.go
@@ -5,6 +5,7 @@ import (
"fmt"
"os"
"path/filepath"
+ "slices"
"strings"
"sync"
"time"
@@ -362,7 +363,7 @@ func getRootlessStorageOpts(systemOpts StoreOptions) (StoreOptions, error) {
}
if os.Getenv("STORAGE_OPTS") != "" {
- opts.GraphDriverOptions = append(opts.GraphDriverOptions, strings.Split(os.Getenv("STORAGE_OPTS"), ",")...)
+ opts.GraphDriverOptions = slices.AppendSeq(opts.GraphDriverOptions, strings.SplitSeq(os.Getenv("STORAGE_OPTS"), ","))
}
return opts, nil
diff --git a/vendor/golang.org/x/crypto/curve25519/curve25519.go b/vendor/golang.org/x/crypto/curve25519/curve25519.go
index 8ff087df4c..048faef3a5 100644
--- a/vendor/golang.org/x/crypto/curve25519/curve25519.go
+++ b/vendor/golang.org/x/crypto/curve25519/curve25519.go
@@ -3,11 +3,14 @@
// license that can be found in the LICENSE file.
// Package curve25519 provides an implementation of the X25519 function, which
-// performs scalar multiplication on the elliptic curve known as Curve25519.
-// See RFC 7748.
+// performs scalar multiplication on the elliptic curve known as Curve25519
+// according to [RFC 7748].
//
-// This package is a wrapper for the X25519 implementation
-// in the crypto/ecdh package.
+// The curve25519 package is a wrapper for the X25519 implementation in the
+// crypto/ecdh package. It is [frozen] and is not accepting new features.
+//
+// [RFC 7748]: https://datatracker.ietf.org/doc/html/rfc7748
+// [frozen]: https://go.dev/wiki/Frozen
package curve25519
import "crypto/ecdh"
diff --git a/vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go b/vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go
index 3685b34458..75df77406d 100644
--- a/vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go
+++ b/vendor/golang.org/x/crypto/salsa20/salsa/hsalsa20.go
@@ -3,6 +3,10 @@
// license that can be found in the LICENSE file.
// Package salsa provides low-level access to functions in the Salsa family.
+//
+// Deprecated: this package exposes unsafe low-level operations. New applications
+// should consider using the AEAD construction in golang.org/x/crypto/chacha20poly1305
+// instead. Existing users should migrate to golang.org/x/crypto/salsa20.
package salsa
import "math/bits"
diff --git a/vendor/golang.org/x/crypto/ssh/agent/client.go b/vendor/golang.org/x/crypto/ssh/agent/client.go
index 37525e1a18..b357e18b0a 100644
--- a/vendor/golang.org/x/crypto/ssh/agent/client.go
+++ b/vendor/golang.org/x/crypto/ssh/agent/client.go
@@ -430,8 +430,9 @@ func (c *client) List() ([]*Key, error) {
return keys, nil
case *failureAgentMsg:
return nil, errors.New("agent: failed to list keys")
+ default:
+ return nil, fmt.Errorf("agent: failed to list keys, unexpected message type %T", msg)
}
- panic("unreachable")
}
// Sign has the agent sign the data using a protocol 2 key as defined
@@ -462,8 +463,9 @@ func (c *client) SignWithFlags(key ssh.PublicKey, data []byte, flags SignatureFl
return &sig, nil
case *failureAgentMsg:
return nil, errors.New("agent: failed to sign challenge")
+ default:
+ return nil, fmt.Errorf("agent: failed to sign challenge, unexpected message type %T", msg)
}
- panic("unreachable")
}
// unmarshal parses an agent message in packet, returning the parsed
diff --git a/vendor/golang.org/x/crypto/ssh/cipher.go b/vendor/golang.org/x/crypto/ssh/cipher.go
index 6a5b582aa9..7554ed57a9 100644
--- a/vendor/golang.org/x/crypto/ssh/cipher.go
+++ b/vendor/golang.org/x/crypto/ssh/cipher.go
@@ -8,6 +8,7 @@ import (
"crypto/aes"
"crypto/cipher"
"crypto/des"
+ "crypto/fips140"
"crypto/rc4"
"crypto/subtle"
"encoding/binary"
@@ -15,6 +16,7 @@ import (
"fmt"
"hash"
"io"
+ "slices"
"golang.org/x/crypto/chacha20"
"golang.org/x/crypto/internal/poly1305"
@@ -93,41 +95,41 @@ func streamCipherMode(skip int, createFunc func(key, iv []byte) (cipher.Stream,
}
// cipherModes documents properties of supported ciphers. Ciphers not included
-// are not supported and will not be negotiated, even if explicitly requested in
-// ClientConfig.Crypto.Ciphers.
-var cipherModes = map[string]*cipherMode{
- // Ciphers from RFC 4344, which introduced many CTR-based ciphers. Algorithms
- // are defined in the order specified in the RFC.
- CipherAES128CTR: {16, aes.BlockSize, streamCipherMode(0, newAESCTR)},
- CipherAES192CTR: {24, aes.BlockSize, streamCipherMode(0, newAESCTR)},
- CipherAES256CTR: {32, aes.BlockSize, streamCipherMode(0, newAESCTR)},
+// are not supported and will not be negotiated, even if explicitly configured.
+// When FIPS mode is enabled, only FIPS-approved algorithms are included.
+var cipherModes = map[string]*cipherMode{}
- // Ciphers from RFC 4345, which introduces security-improved arcfour ciphers.
- // They are defined in the order specified in the RFC.
- InsecureCipherRC4128: {16, 0, streamCipherMode(1536, newRC4)},
- InsecureCipherRC4256: {32, 0, streamCipherMode(1536, newRC4)},
+func init() {
+ cipherModes[CipherAES128CTR] = &cipherMode{16, aes.BlockSize, streamCipherMode(0, newAESCTR)}
+ cipherModes[CipherAES192CTR] = &cipherMode{24, aes.BlockSize, streamCipherMode(0, newAESCTR)}
+ cipherModes[CipherAES256CTR] = &cipherMode{32, aes.BlockSize, streamCipherMode(0, newAESCTR)}
+ // Use of GCM with arbitrary IVs is not allowed in FIPS 140-only mode,
+ // we'll wire it up to NewGCMForSSH in Go 1.26.
+ //
+ // For now it means we'll work with fips140=on but not fips140=only.
+ cipherModes[CipherAES128GCM] = &cipherMode{16, 12, newGCMCipher}
+ cipherModes[CipherAES256GCM] = &cipherMode{32, 12, newGCMCipher}
- // Cipher defined in RFC 4253, which describes SSH Transport Layer Protocol.
- // Note that this cipher is not safe, as stated in RFC 4253: "Arcfour (and
- // RC4) has problems with weak keys, and should be used with caution."
- // RFC 4345 introduces improved versions of Arcfour.
- InsecureCipherRC4: {16, 0, streamCipherMode(0, newRC4)},
-
- // AEAD ciphers
- CipherAES128GCM: {16, 12, newGCMCipher},
- CipherAES256GCM: {32, 12, newGCMCipher},
- CipherChaCha20Poly1305: {64, 0, newChaCha20Cipher},
+ if fips140.Enabled() {
+ defaultCiphers = slices.DeleteFunc(defaultCiphers, func(algo string) bool {
+ _, ok := cipherModes[algo]
+ return !ok
+ })
+ return
+ }
+ cipherModes[CipherChaCha20Poly1305] = &cipherMode{64, 0, newChaCha20Cipher}
+ // Insecure ciphers not included in the default configuration.
+ cipherModes[InsecureCipherRC4128] = &cipherMode{16, 0, streamCipherMode(1536, newRC4)}
+ cipherModes[InsecureCipherRC4256] = &cipherMode{32, 0, streamCipherMode(1536, newRC4)}
+ cipherModes[InsecureCipherRC4] = &cipherMode{16, 0, streamCipherMode(0, newRC4)}
// CBC mode is insecure and so is not included in the default config.
// (See https://www.ieee-security.org/TC/SP2013/papers/4977a526.pdf). If absolutely
// needed, it's possible to specify a custom Config to enable it.
// You should expect that an active attacker can recover plaintext if
// you do.
- InsecureCipherAES128CBC: {16, aes.BlockSize, newAESCBCCipher},
-
- // 3des-cbc is insecure and is not included in the default
- // config.
- InsecureCipherTripleDESCBC: {24, des.BlockSize, newTripleDESCBCCipher},
+ cipherModes[InsecureCipherAES128CBC] = &cipherMode{16, aes.BlockSize, newAESCBCCipher}
+ cipherModes[InsecureCipherTripleDESCBC] = &cipherMode{24, des.BlockSize, newTripleDESCBCCipher}
}
// prefixLen is the length of the packet prefix that contains the packet length
diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go
index c12818fdc5..3127e49903 100644
--- a/vendor/golang.org/x/crypto/ssh/client_auth.go
+++ b/vendor/golang.org/x/crypto/ssh/client_auth.go
@@ -9,6 +9,7 @@ import (
"errors"
"fmt"
"io"
+ "slices"
"strings"
)
@@ -83,7 +84,7 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
// success
return nil
} else if ok == authFailure {
- if m := auth.method(); !contains(tried, m) {
+ if m := auth.method(); !slices.Contains(tried, m) {
tried = append(tried, m)
}
}
@@ -97,7 +98,7 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
findNext:
for _, a := range config.Auth {
candidateMethod := a.method()
- if contains(tried, candidateMethod) {
+ if slices.Contains(tried, candidateMethod) {
continue
}
for _, meth := range methods {
@@ -117,15 +118,6 @@ func (c *connection) clientAuthenticate(config *ClientConfig) error {
return fmt.Errorf("ssh: unable to authenticate, attempted methods %v, no supported methods remain", tried)
}
-func contains(list []string, e string) bool {
- for _, s := range list {
- if s == e {
- return true
- }
- }
- return false
-}
-
// An AuthMethod represents an instance of an RFC 4252 authentication method.
type AuthMethod interface {
// auth authenticates user over transport t.
@@ -255,7 +247,7 @@ func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (MultiA
// Fallback to use if there is no "server-sig-algs" extension or a
// common algorithm cannot be found. We use the public key format if the
// MultiAlgorithmSigner supports it, otherwise we return an error.
- if !contains(as.Algorithms(), underlyingAlgo(keyFormat)) {
+ if !slices.Contains(as.Algorithms(), underlyingAlgo(keyFormat)) {
return "", fmt.Errorf("ssh: no common public key signature algorithm, server only supports %q for key type %q, signer only supports %v",
underlyingAlgo(keyFormat), keyFormat, as.Algorithms())
}
@@ -284,7 +276,7 @@ func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (MultiA
// Filter algorithms based on those supported by MultiAlgorithmSigner.
var keyAlgos []string
for _, algo := range algorithmsForKeyFormat(keyFormat) {
- if contains(as.Algorithms(), underlyingAlgo(algo)) {
+ if slices.Contains(as.Algorithms(), underlyingAlgo(algo)) {
keyAlgos = append(keyAlgos, algo)
}
}
@@ -334,7 +326,7 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
// the key try to use the obtained algorithm as if "server-sig-algs" had
// not been implemented if supported from the algorithm signer.
if !ok && idx < origSignersLen && isRSACert(algo) && algo != CertAlgoRSAv01 {
- if contains(as.Algorithms(), KeyAlgoRSA) {
+ if slices.Contains(as.Algorithms(), KeyAlgoRSA) {
// We retry using the compat algorithm after all signers have
// been tried normally.
signers = append(signers, &multiAlgorithmSigner{
@@ -385,7 +377,7 @@ func (cb publicKeyCallback) auth(session []byte, user string, c packetConn, rand
// contain the "publickey" method, do not attempt to authenticate with any
// other keys. According to RFC 4252 Section 7, the latter can occur when
// additional authentication methods are required.
- if success == authSuccess || !contains(methods, cb.method()) {
+ if success == authSuccess || !slices.Contains(methods, cb.method()) {
return success, methods, err
}
}
@@ -434,7 +426,7 @@ func confirmKeyAck(key PublicKey, c packetConn) (bool, error) {
// servers send the key type instead. OpenSSH allows any algorithm
// that matches the public key, so we do the same.
// https://github.com/openssh/openssh-portable/blob/86bdd385/sshconnect2.c#L709
- if !contains(algorithmsForKeyFormat(key.Type()), msg.Algo) {
+ if !slices.Contains(algorithmsForKeyFormat(key.Type()), msg.Algo) {
return false, nil
}
if !bytes.Equal(msg.PubKey, pubKey) {
diff --git a/vendor/golang.org/x/crypto/ssh/common.go b/vendor/golang.org/x/crypto/ssh/common.go
index 8bfad16c41..2e44e9c9ec 100644
--- a/vendor/golang.org/x/crypto/ssh/common.go
+++ b/vendor/golang.org/x/crypto/ssh/common.go
@@ -6,6 +6,7 @@ package ssh
import (
"crypto"
+ "crypto/fips140"
"crypto/rand"
"fmt"
"io"
@@ -256,6 +257,40 @@ type Algorithms struct {
PublicKeyAuths []string
}
+func init() {
+ if fips140.Enabled() {
+ defaultHostKeyAlgos = slices.DeleteFunc(defaultHostKeyAlgos, func(algo string) bool {
+ _, err := hashFunc(underlyingAlgo(algo))
+ return err != nil
+ })
+ defaultPubKeyAuthAlgos = slices.DeleteFunc(defaultPubKeyAuthAlgos, func(algo string) bool {
+ _, err := hashFunc(underlyingAlgo(algo))
+ return err != nil
+ })
+ }
+}
+
+func hashFunc(format string) (crypto.Hash, error) {
+ switch format {
+ case KeyAlgoRSASHA256, KeyAlgoECDSA256, KeyAlgoSKED25519, KeyAlgoSKECDSA256:
+ return crypto.SHA256, nil
+ case KeyAlgoECDSA384:
+ return crypto.SHA384, nil
+ case KeyAlgoRSASHA512, KeyAlgoECDSA521:
+ return crypto.SHA512, nil
+ case KeyAlgoED25519:
+ // KeyAlgoED25519 doesn't pre-hash.
+ return 0, nil
+ case KeyAlgoRSA, InsecureKeyAlgoDSA:
+ if fips140.Enabled() {
+ return 0, fmt.Errorf("ssh: hash algorithm for format %q not allowed in FIPS 140 mode", format)
+ }
+ return crypto.SHA1, nil
+ default:
+ return 0, fmt.Errorf("ssh: hash algorithm for format %q not mapped", format)
+ }
+}
+
// SupportedAlgorithms returns algorithms currently implemented by this package,
// excluding those with security issues, which are returned by
// InsecureAlgorithms. The algorithms listed here are in preference order.
@@ -283,21 +318,6 @@ func InsecureAlgorithms() Algorithms {
var supportedCompressions = []string{compressionNone}
-// hashFuncs keeps the mapping of supported signature algorithms to their
-// respective hashes needed for signing and verification.
-var hashFuncs = map[string]crypto.Hash{
- KeyAlgoRSA: crypto.SHA1,
- KeyAlgoRSASHA256: crypto.SHA256,
- KeyAlgoRSASHA512: crypto.SHA512,
- InsecureKeyAlgoDSA: crypto.SHA1,
- KeyAlgoECDSA256: crypto.SHA256,
- KeyAlgoECDSA384: crypto.SHA384,
- KeyAlgoECDSA521: crypto.SHA512,
- // KeyAlgoED25519 doesn't pre-hash.
- KeyAlgoSKECDSA256: crypto.SHA256,
- KeyAlgoSKED25519: crypto.SHA256,
-}
-
// algorithmsForKeyFormat returns the supported signature algorithms for a given
// public key format (PublicKey.Type), in order of preference. See RFC 8332,
// Section 2. See also the note in sendKexInit on backwards compatibility.
@@ -312,11 +332,40 @@ func algorithmsForKeyFormat(keyFormat string) []string {
}
}
+// keyFormatForAlgorithm returns the key format corresponding to the given
+// signature algorithm. It returns an empty string if the signature algorithm is
+// invalid or unsupported.
+func keyFormatForAlgorithm(sigAlgo string) string {
+ switch sigAlgo {
+ case KeyAlgoRSA, KeyAlgoRSASHA256, KeyAlgoRSASHA512:
+ return KeyAlgoRSA
+ case CertAlgoRSAv01, CertAlgoRSASHA256v01, CertAlgoRSASHA512v01:
+ return CertAlgoRSAv01
+ case KeyAlgoED25519,
+ KeyAlgoSKED25519,
+ KeyAlgoSKECDSA256,
+ KeyAlgoECDSA256,
+ KeyAlgoECDSA384,
+ KeyAlgoECDSA521,
+ InsecureKeyAlgoDSA,
+ InsecureCertAlgoDSAv01,
+ CertAlgoECDSA256v01,
+ CertAlgoECDSA384v01,
+ CertAlgoECDSA521v01,
+ CertAlgoSKECDSA256v01,
+ CertAlgoED25519v01,
+ CertAlgoSKED25519v01:
+ return sigAlgo
+ default:
+ return ""
+ }
+}
+
// isRSA returns whether algo is a supported RSA algorithm, including certificate
// algorithms.
func isRSA(algo string) bool {
algos := algorithmsForKeyFormat(KeyAlgoRSA)
- return contains(algos, underlyingAlgo(algo))
+ return slices.Contains(algos, underlyingAlgo(algo))
}
func isRSACert(algo string) bool {
@@ -515,7 +564,7 @@ func (c *Config) SetDefaults() {
if kexAlgoMap[k] != nil {
// Ignore the KEX if we have no kexAlgoMap definition.
kexs = append(kexs, k)
- if k == KeyExchangeCurve25519 && !contains(c.KeyExchanges, keyExchangeCurve25519LibSSH) {
+ if k == KeyExchangeCurve25519 && !slices.Contains(c.KeyExchanges, keyExchangeCurve25519LibSSH) {
kexs = append(kexs, keyExchangeCurve25519LibSSH)
}
}
diff --git a/vendor/golang.org/x/crypto/ssh/doc.go b/vendor/golang.org/x/crypto/ssh/doc.go
index 04ccce3461..5b4de9effc 100644
--- a/vendor/golang.org/x/crypto/ssh/doc.go
+++ b/vendor/golang.org/x/crypto/ssh/doc.go
@@ -17,8 +17,18 @@ References:
[PROTOCOL.certkeys]: http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.certkeys?rev=HEAD
[SSH-PARAMETERS]: http://www.iana.org/assignments/ssh-parameters/ssh-parameters.xml#ssh-parameters-1
[SSH-CERTS]: https://datatracker.ietf.org/doc/html/draft-miller-ssh-cert-01
+ [FIPS 140-3 mode]: https://go.dev/doc/security/fips140
This package does not fall under the stability promise of the Go language itself,
so its API may be changed when pressing needs arise.
+
+# FIPS 140-3 mode
+
+When the program is in [FIPS 140-3 mode], this package behaves as if only SP
+800-140C and SP 800-140D approved cipher suites, signature algorithms,
+certificate public key types and sizes, and key exchange and derivation
+algorithms were implemented. Others are silently ignored and not negotiated, or
+rejected. This set may depend on the algorithms supported by the FIPS 140-3 Go
+Cryptographic Module selected with GOFIPS140, and may change across Go versions.
*/
package ssh
diff --git a/vendor/golang.org/x/crypto/ssh/handshake.go b/vendor/golang.org/x/crypto/ssh/handshake.go
index a90bfe331c..4be3cbb6de 100644
--- a/vendor/golang.org/x/crypto/ssh/handshake.go
+++ b/vendor/golang.org/x/crypto/ssh/handshake.go
@@ -10,6 +10,7 @@ import (
"io"
"log"
"net"
+ "slices"
"strings"
"sync"
)
@@ -527,7 +528,7 @@ func (t *handshakeTransport) sendKexInit() error {
switch s := k.(type) {
case MultiAlgorithmSigner:
for _, algo := range algorithmsForKeyFormat(keyFormat) {
- if contains(s.Algorithms(), underlyingAlgo(algo)) {
+ if slices.Contains(s.Algorithms(), underlyingAlgo(algo)) {
msg.ServerHostKeyAlgos = append(msg.ServerHostKeyAlgos, algo)
}
}
@@ -679,7 +680,7 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
return err
}
- if t.sessionID == nil && ((isClient && contains(serverInit.KexAlgos, kexStrictServer)) || (!isClient && contains(clientInit.KexAlgos, kexStrictClient))) {
+ if t.sessionID == nil && ((isClient && slices.Contains(serverInit.KexAlgos, kexStrictServer)) || (!isClient && slices.Contains(clientInit.KexAlgos, kexStrictClient))) {
t.strictMode = true
if err := t.conn.setStrictMode(); err != nil {
return err
@@ -736,7 +737,7 @@ func (t *handshakeTransport) enterKeyExchange(otherInitPacket []byte) error {
// On the server side, after the first SSH_MSG_NEWKEYS, send a SSH_MSG_EXT_INFO
// message with the server-sig-algs extension if the client supports it. See
// RFC 8308, Sections 2.4 and 3.1, and [PROTOCOL], Section 1.9.
- if !isClient && firstKeyExchange && contains(clientInit.KexAlgos, "ext-info-c") {
+ if !isClient && firstKeyExchange && slices.Contains(clientInit.KexAlgos, "ext-info-c") {
supportedPubKeyAuthAlgosList := strings.Join(t.publicKeyAuthAlgorithms, ",")
extInfo := &extInfoMsg{
NumExtensions: 2,
@@ -790,7 +791,7 @@ func (a algorithmSignerWrapper) SignWithAlgorithm(rand io.Reader, data []byte, a
func pickHostKey(hostKeys []Signer, algo string) AlgorithmSigner {
for _, k := range hostKeys {
if s, ok := k.(MultiAlgorithmSigner); ok {
- if !contains(s.Algorithms(), underlyingAlgo(algo)) {
+ if !slices.Contains(s.Algorithms(), underlyingAlgo(algo)) {
continue
}
}
diff --git a/vendor/golang.org/x/crypto/ssh/kex.go b/vendor/golang.org/x/crypto/ssh/kex.go
index 78aaf03103..5f7fdd8514 100644
--- a/vendor/golang.org/x/crypto/ssh/kex.go
+++ b/vendor/golang.org/x/crypto/ssh/kex.go
@@ -8,12 +8,14 @@ import (
"crypto"
"crypto/ecdsa"
"crypto/elliptic"
+ "crypto/fips140"
"crypto/rand"
"encoding/binary"
"errors"
"fmt"
"io"
"math/big"
+ "slices"
"golang.org/x/crypto/curve25519"
)
@@ -395,9 +397,27 @@ func ecHash(curve elliptic.Curve) crypto.Hash {
return crypto.SHA512
}
+// kexAlgoMap defines the supported KEXs. KEXs not included are not supported
+// and will not be negotiated, even if explicitly configured. When FIPS mode is
+// enabled, only FIPS-approved algorithms are included.
var kexAlgoMap = map[string]kexAlgorithm{}
func init() {
+ // mlkem768x25519-sha256 we'll work with fips140=on but not fips140=only
+ // until Go 1.26.
+ kexAlgoMap[KeyExchangeMLKEM768X25519] = &mlkem768WithCurve25519sha256{}
+ kexAlgoMap[KeyExchangeECDHP521] = &ecdh{elliptic.P521()}
+ kexAlgoMap[KeyExchangeECDHP384] = &ecdh{elliptic.P384()}
+ kexAlgoMap[KeyExchangeECDHP256] = &ecdh{elliptic.P256()}
+
+ if fips140.Enabled() {
+ defaultKexAlgos = slices.DeleteFunc(defaultKexAlgos, func(algo string) bool {
+ _, ok := kexAlgoMap[algo]
+ return !ok
+ })
+ return
+ }
+
p, _ := new(big.Int).SetString(oakleyGroup2, 16)
kexAlgoMap[InsecureKeyExchangeDH1SHA1] = &dhGroup{
g: new(big.Int).SetInt64(2),
@@ -431,14 +451,10 @@ func init() {
hashFunc: crypto.SHA512,
}
- kexAlgoMap[KeyExchangeECDHP521] = &ecdh{elliptic.P521()}
- kexAlgoMap[KeyExchangeECDHP384] = &ecdh{elliptic.P384()}
- kexAlgoMap[KeyExchangeECDHP256] = &ecdh{elliptic.P256()}
kexAlgoMap[KeyExchangeCurve25519] = &curve25519sha256{}
kexAlgoMap[keyExchangeCurve25519LibSSH] = &curve25519sha256{}
kexAlgoMap[InsecureKeyExchangeDHGEXSHA1] = &dhGEXSHA{hashFunc: crypto.SHA1}
kexAlgoMap[KeyExchangeDHGEXSHA256] = &dhGEXSHA{hashFunc: crypto.SHA256}
- kexAlgoMap[KeyExchangeMLKEM768X25519] = &mlkem768WithCurve25519sha256{}
}
// curve25519sha256 implements the curve25519-sha256 (formerly known as
diff --git a/vendor/golang.org/x/crypto/ssh/keys.go b/vendor/golang.org/x/crypto/ssh/keys.go
index a28c0de503..a035956fcc 100644
--- a/vendor/golang.org/x/crypto/ssh/keys.go
+++ b/vendor/golang.org/x/crypto/ssh/keys.go
@@ -27,6 +27,7 @@ import (
"fmt"
"io"
"math/big"
+ "slices"
"strings"
"golang.org/x/crypto/ssh/internal/bcrypt_pbkdf"
@@ -89,6 +90,11 @@ func parsePubKey(in []byte, algo string) (pubKey PublicKey, rest []byte, err err
}
return cert, nil, nil
}
+ if keyFormat := keyFormatForAlgorithm(algo); keyFormat != "" {
+ return nil, nil, fmt.Errorf("ssh: signature algorithm %q isn't a key format; key is malformed and should be re-encoded with type %q",
+ algo, keyFormat)
+ }
+
return nil, nil, fmt.Errorf("ssh: unknown key algorithm: %v", algo)
}
@@ -191,9 +197,10 @@ func ParseKnownHosts(in []byte) (marker string, hosts []string, pubKey PublicKey
return "", nil, nil, "", nil, io.EOF
}
-// ParseAuthorizedKey parses a public key from an authorized_keys
-// file used in OpenSSH according to the sshd(8) manual page.
+// ParseAuthorizedKey parses a public key from an authorized_keys file used in
+// OpenSSH according to the sshd(8) manual page. Invalid lines are ignored.
func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []string, rest []byte, err error) {
+ var lastErr error
for len(in) > 0 {
end := bytes.IndexByte(in, '\n')
if end != -1 {
@@ -222,6 +229,8 @@ func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []str
if out, comment, err = parseAuthorizedKey(in[i:]); err == nil {
return out, comment, options, rest, nil
+ } else {
+ lastErr = err
}
// No key type recognised. Maybe there's an options field at
@@ -264,12 +273,18 @@ func ParseAuthorizedKey(in []byte) (out PublicKey, comment string, options []str
if out, comment, err = parseAuthorizedKey(in[i:]); err == nil {
options = candidateOptions
return out, comment, options, rest, nil
+ } else {
+ lastErr = err
}
in = rest
continue
}
+ if lastErr != nil {
+ return nil, "", nil, nil, fmt.Errorf("ssh: no key found; last parsing error for ignored line: %w", lastErr)
+ }
+
return nil, "", nil, nil, errors.New("ssh: no key found")
}
@@ -395,11 +410,11 @@ func NewSignerWithAlgorithms(signer AlgorithmSigner, algorithms []string) (Multi
}
for _, algo := range algorithms {
- if !contains(supportedAlgos, algo) {
+ if !slices.Contains(supportedAlgos, algo) {
return nil, fmt.Errorf("ssh: algorithm %q is not supported for key type %q",
algo, signer.PublicKey().Type())
}
- if !contains(signerAlgos, algo) {
+ if !slices.Contains(signerAlgos, algo) {
return nil, fmt.Errorf("ssh: algorithm %q is restricted for the provided signer", algo)
}
}
@@ -486,10 +501,13 @@ func (r *rsaPublicKey) Marshal() []byte {
func (r *rsaPublicKey) Verify(data []byte, sig *Signature) error {
supportedAlgos := algorithmsForKeyFormat(r.Type())
- if !contains(supportedAlgos, sig.Format) {
+ if !slices.Contains(supportedAlgos, sig.Format) {
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, r.Type())
}
- hash := hashFuncs[sig.Format]
+ hash, err := hashFunc(sig.Format)
+ if err != nil {
+ return err
+ }
h := hash.New()
h.Write(data)
digest := h.Sum(nil)
@@ -606,7 +624,11 @@ func (k *dsaPublicKey) Verify(data []byte, sig *Signature) error {
if sig.Format != k.Type() {
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
}
- h := hashFuncs[sig.Format].New()
+ hash, err := hashFunc(sig.Format)
+ if err != nil {
+ return err
+ }
+ h := hash.New()
h.Write(data)
digest := h.Sum(nil)
@@ -651,7 +673,11 @@ func (k *dsaPrivateKey) SignWithAlgorithm(rand io.Reader, data []byte, algorithm
return nil, fmt.Errorf("ssh: unsupported signature algorithm %s", algorithm)
}
- h := hashFuncs[k.PublicKey().Type()].New()
+ hash, err := hashFunc(k.PublicKey().Type())
+ if err != nil {
+ return nil, err
+ }
+ h := hash.New()
h.Write(data)
digest := h.Sum(nil)
r, s, err := dsa.Sign(rand, k.PrivateKey, digest)
@@ -801,8 +827,11 @@ func (k *ecdsaPublicKey) Verify(data []byte, sig *Signature) error {
if sig.Format != k.Type() {
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
}
-
- h := hashFuncs[sig.Format].New()
+ hash, err := hashFunc(sig.Format)
+ if err != nil {
+ return err
+ }
+ h := hash.New()
h.Write(data)
digest := h.Sum(nil)
@@ -905,8 +934,11 @@ func (k *skECDSAPublicKey) Verify(data []byte, sig *Signature) error {
if sig.Format != k.Type() {
return fmt.Errorf("ssh: signature type %s for key type %s", sig.Format, k.Type())
}
-
- h := hashFuncs[sig.Format].New()
+ hash, err := hashFunc(sig.Format)
+ if err != nil {
+ return err
+ }
+ h := hash.New()
h.Write([]byte(k.application))
appDigest := h.Sum(nil)
@@ -1009,7 +1041,11 @@ func (k *skEd25519PublicKey) Verify(data []byte, sig *Signature) error {
return fmt.Errorf("invalid size %d for Ed25519 public key", l)
}
- h := hashFuncs[sig.Format].New()
+ hash, err := hashFunc(sig.Format)
+ if err != nil {
+ return err
+ }
+ h := hash.New()
h.Write([]byte(k.application))
appDigest := h.Sum(nil)
@@ -1112,11 +1148,14 @@ func (s *wrappedSigner) SignWithAlgorithm(rand io.Reader, data []byte, algorithm
algorithm = s.pubKey.Type()
}
- if !contains(s.Algorithms(), algorithm) {
+ if !slices.Contains(s.Algorithms(), algorithm) {
return nil, fmt.Errorf("ssh: unsupported signature algorithm %q for key format %q", algorithm, s.pubKey.Type())
}
- hashFunc := hashFuncs[algorithm]
+ hashFunc, err := hashFunc(algorithm)
+ if err != nil {
+ return nil, err
+ }
var digest []byte
if hashFunc != 0 {
h := hashFunc.New()
diff --git a/vendor/golang.org/x/crypto/ssh/mac.go b/vendor/golang.org/x/crypto/ssh/mac.go
index de2639d57f..87d626fbbf 100644
--- a/vendor/golang.org/x/crypto/ssh/mac.go
+++ b/vendor/golang.org/x/crypto/ssh/mac.go
@@ -7,11 +7,13 @@ package ssh
// Message authentication support
import (
+ "crypto/fips140"
"crypto/hmac"
"crypto/sha1"
"crypto/sha256"
"crypto/sha512"
"hash"
+ "slices"
)
type macMode struct {
@@ -46,23 +48,37 @@ func (t truncatingMAC) Size() int {
func (t truncatingMAC) BlockSize() int { return t.hmac.BlockSize() }
-var macModes = map[string]*macMode{
- HMACSHA512ETM: {64, true, func(key []byte) hash.Hash {
+// macModes defines the supported MACs. MACs not included are not supported
+// and will not be negotiated, even if explicitly configured. When FIPS mode is
+// enabled, only FIPS-approved algorithms are included.
+var macModes = map[string]*macMode{}
+
+func init() {
+ macModes[HMACSHA512ETM] = &macMode{64, true, func(key []byte) hash.Hash {
return hmac.New(sha512.New, key)
- }},
- HMACSHA256ETM: {32, true, func(key []byte) hash.Hash {
+ }}
+ macModes[HMACSHA256ETM] = &macMode{32, true, func(key []byte) hash.Hash {
return hmac.New(sha256.New, key)
- }},
- HMACSHA512: {64, false, func(key []byte) hash.Hash {
+ }}
+ macModes[HMACSHA512] = &macMode{64, false, func(key []byte) hash.Hash {
return hmac.New(sha512.New, key)
- }},
- HMACSHA256: {32, false, func(key []byte) hash.Hash {
+ }}
+ macModes[HMACSHA256] = &macMode{32, false, func(key []byte) hash.Hash {
return hmac.New(sha256.New, key)
- }},
- HMACSHA1: {20, false, func(key []byte) hash.Hash {
+ }}
+
+ if fips140.Enabled() {
+ defaultMACs = slices.DeleteFunc(defaultMACs, func(algo string) bool {
+ _, ok := macModes[algo]
+ return !ok
+ })
+ return
+ }
+
+ macModes[HMACSHA1] = &macMode{20, false, func(key []byte) hash.Hash {
return hmac.New(sha1.New, key)
- }},
- InsecureHMACSHA196: {20, false, func(key []byte) hash.Hash {
+ }}
+ macModes[InsecureHMACSHA196] = &macMode{20, false, func(key []byte) hash.Hash {
return truncatingMAC{12, hmac.New(sha1.New, key)}
- }},
+ }}
}
diff --git a/vendor/golang.org/x/crypto/ssh/server.go b/vendor/golang.org/x/crypto/ssh/server.go
index 98679ba5b6..064dcbaf5a 100644
--- a/vendor/golang.org/x/crypto/ssh/server.go
+++ b/vendor/golang.org/x/crypto/ssh/server.go
@@ -10,6 +10,7 @@ import (
"fmt"
"io"
"net"
+ "slices"
"strings"
)
@@ -43,6 +44,9 @@ type Permissions struct {
// pass data from the authentication callbacks to the server
// application layer.
Extensions map[string]string
+
+ // ExtraData allows to store user defined data.
+ ExtraData map[any]any
}
type GSSAPIWithMICConfig struct {
@@ -126,6 +130,21 @@ type ServerConfig struct {
// Permissions.Extensions entry.
PublicKeyCallback func(conn ConnMetadata, key PublicKey) (*Permissions, error)
+ // VerifiedPublicKeyCallback, if non-nil, is called after a client
+ // successfully confirms having control over a key that was previously
+ // approved by PublicKeyCallback. The permissions object passed to the
+ // callback is the one returned by PublicKeyCallback for the given public
+ // key and its ownership is transferred to the callback. The returned
+ // Permissions object can be the same object, optionally modified, or a
+ // completely new object. If VerifiedPublicKeyCallback is non-nil,
+ // PublicKeyCallback is not allowed to return a PartialSuccessError, which
+ // can instead be returned by VerifiedPublicKeyCallback.
+ //
+ // VerifiedPublicKeyCallback does not affect which authentication methods
+ // are included in the list of methods that can be attempted by the client.
+ VerifiedPublicKeyCallback func(conn ConnMetadata, key PublicKey, permissions *Permissions,
+ signatureAlgorithm string) (*Permissions, error)
+
// KeyboardInteractiveCallback, if non-nil, is called when
// keyboard-interactive authentication is selected (RFC
// 4256). The client object's Challenge function should be
@@ -246,7 +265,7 @@ func NewServerConn(c net.Conn, config *ServerConfig) (*ServerConn, <-chan NewCha
fullConf.PublicKeyAuthAlgorithms = defaultPubKeyAuthAlgos
} else {
for _, algo := range fullConf.PublicKeyAuthAlgorithms {
- if !contains(SupportedAlgorithms().PublicKeyAuths, algo) && !contains(InsecureAlgorithms().PublicKeyAuths, algo) {
+ if !slices.Contains(SupportedAlgorithms().PublicKeyAuths, algo) && !slices.Contains(InsecureAlgorithms().PublicKeyAuths, algo) {
c.Close()
return nil, nil, nil, fmt.Errorf("ssh: unsupported public key authentication algorithm %s", algo)
}
@@ -631,7 +650,7 @@ userAuthLoop:
return nil, parseError(msgUserAuthRequest)
}
algo := string(algoBytes)
- if !contains(config.PublicKeyAuthAlgorithms, underlyingAlgo(algo)) {
+ if !slices.Contains(config.PublicKeyAuthAlgorithms, underlyingAlgo(algo)) {
authErr = fmt.Errorf("ssh: algorithm %q not accepted", algo)
break
}
@@ -652,6 +671,9 @@ userAuthLoop:
candidate.pubKeyData = pubKeyData
candidate.perms, candidate.result = authConfig.PublicKeyCallback(s, pubKey)
_, isPartialSuccessError := candidate.result.(*PartialSuccessError)
+ if isPartialSuccessError && config.VerifiedPublicKeyCallback != nil {
+ return nil, errors.New("ssh: invalid library usage: PublicKeyCallback must not return partial success when VerifiedPublicKeyCallback is defined")
+ }
if (candidate.result == nil || isPartialSuccessError) &&
candidate.perms != nil &&
@@ -695,7 +717,7 @@ userAuthLoop:
// ssh-rsa-cert-v01@openssh.com algorithm with ssh-rsa public
// key type. The algorithm and public key type must be
// consistent: both must be certificate algorithms, or neither.
- if !contains(algorithmsForKeyFormat(pubKey.Type()), algo) {
+ if !slices.Contains(algorithmsForKeyFormat(pubKey.Type()), algo) {
authErr = fmt.Errorf("ssh: public key type %q not compatible with selected algorithm %q",
pubKey.Type(), algo)
break
@@ -705,7 +727,7 @@ userAuthLoop:
// algorithm name that corresponds to algo with
// sig.Format. This is usually the same, but
// for certs, the names differ.
- if !contains(config.PublicKeyAuthAlgorithms, sig.Format) {
+ if !slices.Contains(config.PublicKeyAuthAlgorithms, sig.Format) {
authErr = fmt.Errorf("ssh: algorithm %q not accepted", sig.Format)
break
}
@@ -722,6 +744,12 @@ userAuthLoop:
authErr = candidate.result
perms = candidate.perms
+ if authErr == nil && config.VerifiedPublicKeyCallback != nil {
+ // Only call VerifiedPublicKeyCallback after the key has been accepted
+ // and successfully verified. If authErr is non-nil, the key is not
+ // considered verified and the callback must not run.
+ perms, authErr = config.VerifiedPublicKeyCallback(s, pubKey, perms, algo)
+ }
}
case "gssapi-with-mic":
if authConfig.GSSAPIWithMICConfig == nil {
diff --git a/vendor/golang.org/x/crypto/ssh/transport.go b/vendor/golang.org/x/crypto/ssh/transport.go
index 663619845c..fa3dd6a429 100644
--- a/vendor/golang.org/x/crypto/ssh/transport.go
+++ b/vendor/golang.org/x/crypto/ssh/transport.go
@@ -8,6 +8,7 @@ import (
"bufio"
"bytes"
"errors"
+ "fmt"
"io"
"log"
)
@@ -254,6 +255,9 @@ var (
// (to setup server->client keys) or clientKeys (for client->server keys).
func newPacketCipher(d direction, algs DirectionAlgorithms, kex *kexResult) (packetCipher, error) {
cipherMode := cipherModes[algs.Cipher]
+ if cipherMode == nil {
+ return nil, fmt.Errorf("ssh: unsupported cipher %v", algs.Cipher)
+ }
iv := make([]byte, cipherMode.ivSize)
key := make([]byte, cipherMode.keySize)
diff --git a/vendor/golang.org/x/crypto/xts/xts.go b/vendor/golang.org/x/crypto/xts/xts.go
index d64f536f9d..6a73020207 100644
--- a/vendor/golang.org/x/crypto/xts/xts.go
+++ b/vendor/golang.org/x/crypto/xts/xts.go
@@ -21,6 +21,10 @@
//
// Note that XTS is usually not appropriate for any use besides disk encryption.
// Most users should use an AEAD mode like GCM (from crypto/cipher.NewGCM) instead.
+//
+// The xts package is [frozen] and is not accepting new features.
+//
+// [frozen]: https://go.dev/wiki/Frozen
package xts
import (
diff --git a/vendor/golang.org/x/oauth2/oauth2.go b/vendor/golang.org/x/oauth2/oauth2.go
index de34feb844..3e3b630695 100644
--- a/vendor/golang.org/x/oauth2/oauth2.go
+++ b/vendor/golang.org/x/oauth2/oauth2.go
@@ -9,7 +9,6 @@
package oauth2 // import "golang.org/x/oauth2"
import (
- "bytes"
"context"
"errors"
"net/http"
@@ -158,7 +157,7 @@ func SetAuthURLParam(key, value string) AuthCodeOption {
// PKCE), https://www.oauth.com/oauth2-servers/pkce/ and
// https://www.ietf.org/archive/id/draft-ietf-oauth-v2-1-09.html#name-cross-site-request-forgery (describing both approaches)
func (c *Config) AuthCodeURL(state string, opts ...AuthCodeOption) string {
- var buf bytes.Buffer
+ var buf strings.Builder
buf.WriteString(c.Endpoint.AuthURL)
v := url.Values{
"response_type": {"code"},
diff --git a/vendor/golang.org/x/text/unicode/bidi/core.go b/vendor/golang.org/x/text/unicode/bidi/core.go
index 9d2ae547b5..fb8273236d 100644
--- a/vendor/golang.org/x/text/unicode/bidi/core.go
+++ b/vendor/golang.org/x/text/unicode/bidi/core.go
@@ -427,13 +427,6 @@ type isolatingRunSequence struct {
func (i *isolatingRunSequence) Len() int { return len(i.indexes) }
-func maxLevel(a, b level) level {
- if a > b {
- return a
- }
- return b
-}
-
// Rule X10, second bullet: Determine the start-of-sequence (sos) and end-of-sequence (eos) types,
// either L or R, for each isolating run sequence.
func (p *paragraph) isolatingRunSequence(indexes []int) *isolatingRunSequence {
@@ -474,8 +467,8 @@ func (p *paragraph) isolatingRunSequence(indexes []int) *isolatingRunSequence {
indexes: indexes,
types: types,
level: level,
- sos: typeForLevel(maxLevel(prevLevel, level)),
- eos: typeForLevel(maxLevel(succLevel, level)),
+ sos: typeForLevel(max(prevLevel, level)),
+ eos: typeForLevel(max(succLevel, level)),
}
}
diff --git a/vendor/golang.org/x/tools/go/ast/inspector/cursor.go b/vendor/golang.org/x/tools/go/ast/inspector/cursor.go
index 31c8d2f240..7e72d3c284 100644
--- a/vendor/golang.org/x/tools/go/ast/inspector/cursor.go
+++ b/vendor/golang.org/x/tools/go/ast/inspector/cursor.go
@@ -40,7 +40,7 @@ type Cursor struct {
// Root returns a cursor for the virtual root node,
// whose children are the files provided to [New].
//
-// Its [Cursor.Node] and [Cursor.Stack] methods return nil.
+// Its [Cursor.Node] method return nil.
func (in *Inspector) Root() Cursor {
return Cursor{in, -1}
}
diff --git a/vendor/golang.org/x/tools/go/packages/visit.go b/vendor/golang.org/x/tools/go/packages/visit.go
index df14ffd94d..af6a60d75f 100644
--- a/vendor/golang.org/x/tools/go/packages/visit.go
+++ b/vendor/golang.org/x/tools/go/packages/visit.go
@@ -5,9 +5,11 @@
package packages
import (
+ "cmp"
"fmt"
+ "iter"
"os"
- "sort"
+ "slices"
)
// Visit visits all the packages in the import graph whose roots are
@@ -16,6 +18,20 @@ import (
// package's dependencies have been visited (postorder).
// The boolean result of pre(pkg) determines whether
// the imports of package pkg are visited.
+//
+// Example:
+//
+// pkgs, err := Load(...)
+// if err != nil { ... }
+// Visit(pkgs, nil, func(pkg *Package) {
+// log.Println(pkg)
+// })
+//
+// In most cases, it is more convenient to use [Postorder]:
+//
+// for pkg := range Postorder(pkgs) {
+// log.Println(pkg)
+// }
func Visit(pkgs []*Package, pre func(*Package) bool, post func(*Package)) {
seen := make(map[*Package]bool)
var visit func(*Package)
@@ -24,13 +40,8 @@ func Visit(pkgs []*Package, pre func(*Package) bool, post func(*Package)) {
seen[pkg] = true
if pre == nil || pre(pkg) {
- paths := make([]string, 0, len(pkg.Imports))
- for path := range pkg.Imports {
- paths = append(paths, path)
- }
- sort.Strings(paths) // Imports is a map, this makes visit stable
- for _, path := range paths {
- visit(pkg.Imports[path])
+ for _, imp := range sorted(pkg.Imports) { // for determinism
+ visit(imp)
}
}
@@ -50,7 +61,7 @@ func Visit(pkgs []*Package, pre func(*Package) bool, post func(*Package)) {
func PrintErrors(pkgs []*Package) int {
var n int
errModules := make(map[*Module]bool)
- Visit(pkgs, nil, func(pkg *Package) {
+ for pkg := range Postorder(pkgs) {
for _, err := range pkg.Errors {
fmt.Fprintln(os.Stderr, err)
n++
@@ -63,6 +74,60 @@ func PrintErrors(pkgs []*Package) int {
fmt.Fprintln(os.Stderr, mod.Error.Err)
n++
}
- })
+ }
return n
}
+
+// Postorder returns an iterator over the the packages in
+// the import graph whose roots are pkg.
+// Packages are enumerated in dependencies-first order.
+func Postorder(pkgs []*Package) iter.Seq[*Package] {
+ return func(yield func(*Package) bool) {
+ seen := make(map[*Package]bool)
+ var visit func(*Package) bool
+ visit = func(pkg *Package) bool {
+ if !seen[pkg] {
+ seen[pkg] = true
+ for _, imp := range sorted(pkg.Imports) { // for determinism
+ if !visit(imp) {
+ return false
+ }
+ }
+ if !yield(pkg) {
+ return false
+ }
+ }
+ return true
+ }
+ for _, pkg := range pkgs {
+ if !visit(pkg) {
+ break
+ }
+ }
+ }
+}
+
+// -- copied from golang.org.x/tools/gopls/internal/util/moremaps --
+
+// sorted returns an iterator over the entries of m in key order.
+func sorted[M ~map[K]V, K cmp.Ordered, V any](m M) iter.Seq2[K, V] {
+ // TODO(adonovan): use maps.Sorted if proposal #68598 is accepted.
+ return func(yield func(K, V) bool) {
+ keys := keySlice(m)
+ slices.Sort(keys)
+ for _, k := range keys {
+ if !yield(k, m[k]) {
+ break
+ }
+ }
+ }
+}
+
+// KeySlice returns the keys of the map M, like slices.Collect(maps.Keys(m)).
+func keySlice[M ~map[K]V, K comparable, V any](m M) []K {
+ r := make([]K, 0, len(m))
+ for k := range m {
+ r = append(r, k)
+ }
+ return r
+}
diff --git a/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go b/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go
index d3c2913bef..6c0c74968f 100644
--- a/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go
+++ b/vendor/golang.org/x/tools/go/types/objectpath/objectpath.go
@@ -698,7 +698,10 @@ func Object(pkg *types.Package, p Path) (types.Object, error) {
} else if false && aliases.Enabled() {
// The Enabled check is too expensive, so for now we
// simply assume that aliases are not enabled.
- // TODO(adonovan): replace with "if true {" when go1.24 is assured.
+ //
+ // Now that go1.24 is assured, we should be able to
+ // replace this with "if true {", but it causes tests
+ // to fail. TODO(adonovan): investigate.
return nil, fmt.Errorf("cannot apply %q to %s (got %T, want alias)", code, t, t)
}
diff --git a/vendor/golang.org/x/tools/go/types/typeutil/map.go b/vendor/golang.org/x/tools/go/types/typeutil/map.go
index b6d542c64e..f035a0b6be 100644
--- a/vendor/golang.org/x/tools/go/types/typeutil/map.go
+++ b/vendor/golang.org/x/tools/go/types/typeutil/map.go
@@ -11,7 +11,6 @@ import (
"fmt"
"go/types"
"hash/maphash"
- "unsafe"
"golang.org/x/tools/internal/typeparams"
)
@@ -380,22 +379,8 @@ var theSeed = maphash.MakeSeed()
func (hasher) hashTypeName(tname *types.TypeName) uint32 {
// Since types.Identical uses == to compare TypeNames,
// the Hash function uses maphash.Comparable.
- // TODO(adonovan): or will, when it becomes available in go1.24.
- // In the meantime we use the pointer's numeric value.
- //
- // hash := maphash.Comparable(theSeed, tname)
- //
- // (Another approach would be to hash the name and package
- // path, and whether or not it is a package-level typename. It
- // is rare for a package to define multiple local types with
- // the same name.)
- ptr := uintptr(unsafe.Pointer(tname))
- if unsafe.Sizeof(ptr) == 8 {
- hash := uint64(ptr)
- return uint32(hash ^ (hash >> 32))
- } else {
- return uint32(ptr)
- }
+ hash := maphash.Comparable(theSeed, tname)
+ return uint32(hash ^ (hash >> 32))
}
// shallowHash computes a hash of t without looking at any of its
diff --git a/vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go b/vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go
deleted file mode 100644
index 7586bfaca6..0000000000
--- a/vendor/golang.org/x/tools/internal/gcimporter/iimport_go122.go
+++ /dev/null
@@ -1,53 +0,0 @@
-// Copyright 2024 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-//go:build go1.22 && !go1.24
-
-package gcimporter
-
-import (
- "go/token"
- "go/types"
- "unsafe"
-)
-
-// TODO(rfindley): delete this workaround once go1.24 is assured.
-
-func init() {
- // Update markBlack so that it correctly sets the color
- // of imported TypeNames.
- //
- // See the doc comment for markBlack for details.
-
- type color uint32
- const (
- white color = iota
- black
- grey
- )
- type object struct {
- _ *types.Scope
- _ token.Pos
- _ *types.Package
- _ string
- _ types.Type
- _ uint32
- color_ color
- _ token.Pos
- }
- type typeName struct {
- object
- }
-
- // If the size of types.TypeName changes, this will fail to compile.
- const delta = int64(unsafe.Sizeof(typeName{})) - int64(unsafe.Sizeof(types.TypeName{}))
- var _ [-delta * delta]int
-
- markBlack = func(obj *types.TypeName) {
- type uP = unsafe.Pointer
- var ptr *typeName
- *(*uP)(uP(&ptr)) = uP(obj)
- ptr.color_ = black
- }
-}
diff --git a/vendor/golang.org/x/tools/internal/stdlib/deps.go b/vendor/golang.org/x/tools/internal/stdlib/deps.go
index 77cf8d2181..96ad6c5821 100644
--- a/vendor/golang.org/x/tools/internal/stdlib/deps.go
+++ b/vendor/golang.org/x/tools/internal/stdlib/deps.go
@@ -12,348 +12,354 @@ type pkginfo struct {
}
var deps = [...]pkginfo{
- {"archive/tar", "\x03j\x03E5\x01\v\x01#\x01\x01\x02\x05\n\x02\x01\x02\x02\v"},
- {"archive/zip", "\x02\x04`\a\x16\x0205\x01+\x05\x01\x11\x03\x02\r\x04"},
- {"bufio", "\x03j}F\x13"},
- {"bytes", "m+R\x03\fH\x02\x02"},
+ {"archive/tar", "\x03k\x03E;\x01\n\x01$\x01\x01\x02\x05\b\x02\x01\x02\x02\f"},
+ {"archive/zip", "\x02\x04a\a\x03\x12\x021;\x01+\x05\x01\x0f\x03\x02\x0e\x04"},
+ {"bufio", "\x03k\x83\x01D\x14"},
+ {"bytes", "n*Y\x03\fG\x02\x02"},
{"cmp", ""},
- {"compress/bzip2", "\x02\x02\xe6\x01C"},
- {"compress/flate", "\x02k\x03z\r\x025\x01\x03"},
- {"compress/gzip", "\x02\x04`\a\x03\x15eU"},
- {"compress/lzw", "\x02k\x03z"},
- {"compress/zlib", "\x02\x04`\a\x03\x13\x01f"},
- {"container/heap", "\xae\x02"},
+ {"compress/bzip2", "\x02\x02\xed\x01A"},
+ {"compress/flate", "\x02l\x03\x80\x01\f\x033\x01\x03"},
+ {"compress/gzip", "\x02\x04a\a\x03\x14lT"},
+ {"compress/lzw", "\x02l\x03\x80\x01"},
+ {"compress/zlib", "\x02\x04a\a\x03\x12\x01m"},
+ {"container/heap", "\xb3\x02"},
{"container/list", ""},
{"container/ring", ""},
- {"context", "m\\i\x01\f"},
- {"crypto", "\x83\x01gE"},
- {"crypto/aes", "\x10\n\a\x8e\x02"},
- {"crypto/cipher", "\x03\x1e\x01\x01\x1d\x11\x1c,Q"},
- {"crypto/des", "\x10\x13\x1d-,\x96\x01\x03"},
- {"crypto/dsa", "@\x04)}\x0e"},
- {"crypto/ecdh", "\x03\v\f\x0e\x04\x14\x04\r\x1c}"},
- {"crypto/ecdsa", "\x0e\x05\x03\x04\x01\x0e\x16\x01\x04\f\x01\x1c}\x0e\x04L\x01"},
- {"crypto/ed25519", "\x0e\x1c\x16\n\a\x1c}E"},
- {"crypto/elliptic", "0=}\x0e:"},
- {"crypto/fips140", " \x05\x90\x01"},
- {"crypto/hkdf", "-\x12\x01-\x16"},
- {"crypto/hmac", "\x1a\x14\x11\x01\x112"},
+ {"context", "n\\m\x01\r"},
+ {"crypto", "\x83\x01nC"},
+ {"crypto/aes", "\x10\n\a\x93\x02"},
+ {"crypto/cipher", "\x03\x1e\x01\x01\x1e\x11\x1c+X"},
+ {"crypto/des", "\x10\x13\x1e-+\x9b\x01\x03"},
+ {"crypto/dsa", "A\x04)\x83\x01\r"},
+ {"crypto/ecdh", "\x03\v\f\x0e\x04\x15\x04\r\x1c\x83\x01"},
+ {"crypto/ecdsa", "\x0e\x05\x03\x04\x01\x0e\a\v\x05\x01\x04\f\x01\x1c\x83\x01\r\x05K\x01"},
+ {"crypto/ed25519", "\x0e\x1c\x11\x06\n\a\x1c\x83\x01C"},
+ {"crypto/elliptic", "0>\x83\x01\r9"},
+ {"crypto/fips140", " \x05"},
+ {"crypto/hkdf", "-\x13\x01-\x15"},
+ {"crypto/hmac", "\x1a\x14\x12\x01\x111"},
{"crypto/internal/boring", "\x0e\x02\rf"},
- {"crypto/internal/boring/bbig", "\x1a\xde\x01M"},
- {"crypto/internal/boring/bcache", "\xb3\x02\x12"},
+ {"crypto/internal/boring/bbig", "\x1a\xe4\x01M"},
+ {"crypto/internal/boring/bcache", "\xb8\x02\x13"},
{"crypto/internal/boring/sig", ""},
- {"crypto/internal/cryptotest", "\x03\r\n)\x0e\x19\x06\x13\x12#\a\t\x11\x11\x11\x1b\x01\f\r\x05\n"},
- {"crypto/internal/entropy", "E"},
- {"crypto/internal/fips140", ">/}9\r\x15"},
- {"crypto/internal/fips140/aes", "\x03\x1d\x03\x02\x13\x04\x01\x01\x05*\x8c\x016"},
- {"crypto/internal/fips140/aes/gcm", " \x01\x02\x02\x02\x11\x04\x01\x06*\x8a\x01"},
- {"crypto/internal/fips140/alias", "\xc5\x02"},
- {"crypto/internal/fips140/bigmod", "%\x17\x01\x06*\x8c\x01"},
- {"crypto/internal/fips140/check", " \x0e\x06\b\x02\xac\x01["},
- {"crypto/internal/fips140/check/checktest", "%\xfe\x01\""},
- {"crypto/internal/fips140/drbg", "\x03\x1c\x01\x01\x04\x13\x04\b\x01(}\x0f9"},
- {"crypto/internal/fips140/ecdh", "\x03\x1d\x05\x02\t\f1}\x0f9"},
- {"crypto/internal/fips140/ecdsa", "\x03\x1d\x04\x01\x02\a\x02\x067}H"},
- {"crypto/internal/fips140/ed25519", "\x03\x1d\x05\x02\x04\v7\xc2\x01\x03"},
- {"crypto/internal/fips140/edwards25519", "%\a\f\x041\x8c\x019"},
- {"crypto/internal/fips140/edwards25519/field", "%\x13\x041\x8c\x01"},
- {"crypto/internal/fips140/hkdf", "\x03\x1d\x05\t\x069"},
- {"crypto/internal/fips140/hmac", "\x03\x1d\x14\x01\x017"},
- {"crypto/internal/fips140/mlkem", "\x03\x1d\x05\x02\x0e\x03\x041"},
- {"crypto/internal/fips140/nistec", "%\f\a\x041\x8c\x01*\x0f\x13"},
- {"crypto/internal/fips140/nistec/fiat", "%\x135\x8c\x01"},
- {"crypto/internal/fips140/pbkdf2", "\x03\x1d\x05\t\x069"},
- {"crypto/internal/fips140/rsa", "\x03\x1d\x04\x01\x02\r\x01\x01\x025}H"},
- {"crypto/internal/fips140/sha256", "\x03\x1d\x1c\x01\x06*\x8c\x01"},
- {"crypto/internal/fips140/sha3", "\x03\x1d\x18\x04\x010\x8c\x01L"},
- {"crypto/internal/fips140/sha512", "\x03\x1d\x1c\x01\x06*\x8c\x01"},
- {"crypto/internal/fips140/ssh", " \x05"},
- {"crypto/internal/fips140/subtle", "#"},
- {"crypto/internal/fips140/tls12", "\x03\x1d\x05\t\x06\x027"},
- {"crypto/internal/fips140/tls13", "\x03\x1d\x05\b\a\b1"},
+ {"crypto/internal/cryptotest", "\x03\r\n\x06$\x0e\x19\x06\x12\x12 \x04\a\t\x16\x01\x11\x11\x1b\x01\a\x05\b\x03\x05\v"},
+ {"crypto/internal/entropy", "F"},
+ {"crypto/internal/fips140", "?/\x15\xa7\x01\v\x16"},
+ {"crypto/internal/fips140/aes", "\x03\x1d\x03\x02\x13\x05\x01\x01\x05*\x92\x014"},
+ {"crypto/internal/fips140/aes/gcm", " \x01\x02\x02\x02\x11\x05\x01\x06*\x8f\x01"},
+ {"crypto/internal/fips140/alias", "\xcb\x02"},
+ {"crypto/internal/fips140/bigmod", "%\x18\x01\x06*\x92\x01"},
+ {"crypto/internal/fips140/check", " \x0e\x06\t\x02\xb2\x01Z"},
+ {"crypto/internal/fips140/check/checktest", "%\x85\x02!"},
+ {"crypto/internal/fips140/drbg", "\x03\x1c\x01\x01\x04\x13\x05\b\x01(\x83\x01\x0f7"},
+ {"crypto/internal/fips140/ecdh", "\x03\x1d\x05\x02\t\r1\x83\x01\x0f7"},
+ {"crypto/internal/fips140/ecdsa", "\x03\x1d\x04\x01\x02\a\x02\x068\x15nF"},
+ {"crypto/internal/fips140/ed25519", "\x03\x1d\x05\x02\x04\v8\xc6\x01\x03"},
+ {"crypto/internal/fips140/edwards25519", "%\a\f\x051\x92\x017"},
+ {"crypto/internal/fips140/edwards25519/field", "%\x13\x051\x92\x01"},
+ {"crypto/internal/fips140/hkdf", "\x03\x1d\x05\t\x06:\x15"},
+ {"crypto/internal/fips140/hmac", "\x03\x1d\x14\x01\x018\x15"},
+ {"crypto/internal/fips140/mlkem", "\x03\x1d\x05\x02\x0e\x03\x051"},
+ {"crypto/internal/fips140/nistec", "%\f\a\x051\x92\x01*\r\x14"},
+ {"crypto/internal/fips140/nistec/fiat", "%\x136\x92\x01"},
+ {"crypto/internal/fips140/pbkdf2", "\x03\x1d\x05\t\x06:\x15"},
+ {"crypto/internal/fips140/rsa", "\x03\x1d\x04\x01\x02\r\x01\x01\x026\x15nF"},
+ {"crypto/internal/fips140/sha256", "\x03\x1d\x1d\x01\x06*\x15}"},
+ {"crypto/internal/fips140/sha3", "\x03\x1d\x18\x05\x010\x92\x01K"},
+ {"crypto/internal/fips140/sha512", "\x03\x1d\x1d\x01\x06*\x15}"},
+ {"crypto/internal/fips140/ssh", "%^"},
+ {"crypto/internal/fips140/subtle", "#\x1a\xc3\x01"},
+ {"crypto/internal/fips140/tls12", "\x03\x1d\x05\t\x06\x028\x15"},
+ {"crypto/internal/fips140/tls13", "\x03\x1d\x05\b\a\t1\x15"},
+ {"crypto/internal/fips140cache", "\xaa\x02\r&"},
{"crypto/internal/fips140deps", ""},
{"crypto/internal/fips140deps/byteorder", "\x99\x01"},
- {"crypto/internal/fips140deps/cpu", "\xad\x01\a"},
- {"crypto/internal/fips140deps/godebug", "\xb5\x01"},
- {"crypto/internal/fips140hash", "5\x1a4\xc2\x01"},
- {"crypto/internal/fips140only", "'\r\x01\x01M25"},
+ {"crypto/internal/fips140deps/cpu", "\xae\x01\a"},
+ {"crypto/internal/fips140deps/godebug", "\xb6\x01"},
+ {"crypto/internal/fips140hash", "5\x1b3\xc8\x01"},
+ {"crypto/internal/fips140only", "'\r\x01\x01M3;"},
{"crypto/internal/fips140test", ""},
- {"crypto/internal/hpke", "\x0e\x01\x01\x03\x1a\x1d#,`N"},
- {"crypto/internal/impl", "\xb0\x02"},
- {"crypto/internal/randutil", "\xea\x01\x12"},
- {"crypto/internal/sysrand", "mi!\x1f\r\x0f\x01\x01\v\x06"},
- {"crypto/internal/sysrand/internal/seccomp", "m"},
- {"crypto/md5", "\x0e2-\x16\x16`"},
+ {"crypto/internal/hpke", "\x0e\x01\x01\x03\x053#+gM"},
+ {"crypto/internal/impl", "\xb5\x02"},
+ {"crypto/internal/randutil", "\xf1\x01\x12"},
+ {"crypto/internal/sysrand", "nn! \r\r\x01\x01\f\x06"},
+ {"crypto/internal/sysrand/internal/seccomp", "n"},
+ {"crypto/md5", "\x0e3-\x15\x16g"},
{"crypto/mlkem", "/"},
- {"crypto/pbkdf2", "2\r\x01-\x16"},
- {"crypto/rand", "\x1a\x06\a\x19\x04\x01(}\x0eM"},
- {"crypto/rc4", "#\x1d-\xc2\x01"},
- {"crypto/rsa", "\x0e\f\x01\t\x0f\f\x01\x04\x06\a\x1c\x03\x1325\r\x01"},
- {"crypto/sha1", "\x0e\f&-\x16\x16\x14L"},
+ {"crypto/pbkdf2", "2\x0e\x01-\x15"},
+ {"crypto/rand", "\x1a\x06\a\x1a\x04\x01(\x83\x01\rM"},
+ {"crypto/rc4", "#\x1e-\xc6\x01"},
+ {"crypto/rsa", "\x0e\f\x01\t\x0f\r\x01\x04\x06\a\x1c\x03\x123;\f\x01"},
+ {"crypto/sha1", "\x0e\f'\x03*\x15\x16\x15R"},
{"crypto/sha256", "\x0e\f\x1aO"},
- {"crypto/sha3", "\x0e'N\xc2\x01"},
+ {"crypto/sha3", "\x0e'N\xc8\x01"},
{"crypto/sha512", "\x0e\f\x1cM"},
- {"crypto/subtle", "8\x96\x01U"},
- {"crypto/tls", "\x03\b\x02\x01\x01\x01\x01\x02\x01\x01\x01\x03\x01\a\x01\v\x02\n\x01\b\x05\x03\x01\x01\x01\x01\x02\x01\x02\x01\x17\x02\x03\x13\x16\x14\b5\x16\x16\r\n\x01\x01\x01\x02\x01\f\x06\x02\x01"},
- {"crypto/tls/internal/fips140tls", " \x93\x02"},
- {"crypto/x509", "\x03\v\x01\x01\x01\x01\x01\x01\x01\x011\x03\x02\x01\x01\x02\x05\x0e\x06\x02\x02\x03E\x032\x01\x02\t\x01\x01\x01\a\x10\x05\x01\x06\x02\x05\f\x01\x02\r\x02\x01\x01\x02\x03\x01"},
- {"crypto/x509/pkix", "c\x06\a\x88\x01G"},
- {"database/sql", "\x03\nJ\x16\x03z\f\x06\"\x05\n\x02\x03\x01\f\x02\x02\x02"},
- {"database/sql/driver", "\r`\x03\xae\x01\x11\x10"},
- {"debug/buildinfo", "\x03W\x02\x01\x01\b\a\x03`\x18\x02\x01+\x0f "},
- {"debug/dwarf", "\x03c\a\x03z1\x13\x01\x01"},
- {"debug/elf", "\x03\x06P\r\a\x03`\x19\x01,\x19\x01\x15"},
- {"debug/gosym", "\x03c\n\xbe\x01\x01\x01\x02"},
- {"debug/macho", "\x03\x06P\r\n`\x1a,\x19\x01"},
- {"debug/pe", "\x03\x06P\r\a\x03`\x1a,\x19\x01\x15"},
- {"debug/plan9obj", "f\a\x03`\x1a,"},
- {"embed", "m+:\x18\x01T"},
+ {"crypto/subtle", "8\x9b\x01W"},
+ {"crypto/tls", "\x03\b\x02\x01\x01\x01\x01\x02\x01\x01\x01\x02\x01\x01\a\x01\r\n\x01\t\x05\x03\x01\x01\x01\x01\x02\x01\x02\x01\x17\x02\x03\x12\x16\x15\b;\x16\x16\r\b\x01\x01\x01\x02\x01\r\x06\x02\x01\x0f"},
+ {"crypto/tls/internal/fips140tls", "\x17\xa1\x02"},
+ {"crypto/x509", "\x03\v\x01\x01\x01\x01\x01\x01\x01\x012\x05\x01\x01\x02\x05\x0e\x06\x02\x02\x03E\x038\x01\x02\b\x01\x01\x02\a\x10\x05\x01\x06\x02\x05\n\x01\x02\x0e\x02\x01\x01\x02\x03\x01"},
+ {"crypto/x509/pkix", "d\x06\a\x8d\x01G"},
+ {"database/sql", "\x03\nK\x16\x03\x80\x01\v\a\"\x05\b\x02\x03\x01\r\x02\x02\x02"},
+ {"database/sql/driver", "\ra\x03\xb4\x01\x0f\x11"},
+ {"debug/buildinfo", "\x03X\x02\x01\x01\b\a\x03e\x19\x02\x01+\x0f\x1f"},
+ {"debug/dwarf", "\x03d\a\x03\x80\x011\x11\x01\x01"},
+ {"debug/elf", "\x03\x06Q\r\a\x03e\x1a\x01,\x17\x01\x16"},
+ {"debug/gosym", "\x03d\n\xc2\x01\x01\x01\x02"},
+ {"debug/macho", "\x03\x06Q\r\ne\x1b,\x17\x01"},
+ {"debug/pe", "\x03\x06Q\r\a\x03e\x1b,\x17\x01\x16"},
+ {"debug/plan9obj", "g\a\x03e\x1b,"},
+ {"embed", "n*@\x19\x01S"},
{"embed/internal/embedtest", ""},
{"encoding", ""},
- {"encoding/ascii85", "\xea\x01E"},
- {"encoding/asn1", "\x03j\x03\x87\x01\x01&\x0f\x02\x01\x0f\x03\x01"},
- {"encoding/base32", "\xea\x01C\x02"},
- {"encoding/base64", "\x99\x01QC\x02"},
- {"encoding/binary", "m}\r'\x0f\x05"},
- {"encoding/csv", "\x02\x01j\x03zF\x11\x02"},
- {"encoding/gob", "\x02_\x05\a\x03`\x1a\f\x01\x02\x1d\b\x14\x01\x0e\x02"},
- {"encoding/hex", "m\x03zC\x03"},
- {"encoding/json", "\x03\x01]\x04\b\x03z\r'\x0f\x02\x01\x02\x0f\x01\x01\x02"},
- {"encoding/pem", "\x03b\b}C\x03"},
- {"encoding/xml", "\x02\x01^\f\x03z4\x05\f\x01\x02\x0f\x02"},
- {"errors", "\xc9\x01|"},
- {"expvar", "jK9\t\n\x15\r\n\x02\x03\x01\x10"},
- {"flag", "a\f\x03z,\b\x05\n\x02\x01\x0f"},
- {"fmt", "mE8\r\x1f\b\x0f\x02\x03\x11"},
- {"go/ast", "\x03\x01l\x0f\x01j\x03)\b\x0f\x02\x01"},
- {"go/ast/internal/tests", ""},
- {"go/build", "\x02\x01j\x03\x01\x03\x02\a\x02\x01\x17\x1e\x04\x02\t\x14\x12\x01+\x01\x04\x01\a\n\x02\x01\x11\x02\x02"},
- {"go/build/constraint", "m\xc2\x01\x01\x11\x02"},
- {"go/constant", "p\x10w\x01\x016\x01\x02\x11"},
- {"go/doc", "\x04l\x01\x06\t=-1\x12\x02\x01\x11\x02"},
- {"go/doc/comment", "\x03m\xbd\x01\x01\x01\x01\x11\x02"},
- {"go/format", "\x03m\x01\f\x01\x02jF"},
- {"go/importer", "s\a\x01\x01\x04\x01i9"},
- {"go/internal/gccgoimporter", "\x02\x01W\x13\x03\x05\v\x01g\x02,\x01\x05\x13\x01\v\b"},
- {"go/internal/gcimporter", "\x02n\x10\x01/\x05\x0e',\x17\x03\x02"},
- {"go/internal/srcimporter", "p\x01\x02\n\x03\x01i,\x01\x05\x14\x02\x13"},
- {"go/parser", "\x03j\x03\x01\x03\v\x01j\x01+\x06\x14"},
- {"go/printer", "p\x01\x03\x03\tj\r\x1f\x17\x02\x01\x02\n\x05\x02"},
- {"go/scanner", "\x03m\x10j2\x12\x01\x12\x02"},
- {"go/token", "\x04l\xbd\x01\x02\x03\x01\x0e\x02"},
- {"go/types", "\x03\x01\x06c\x03\x01\x04\b\x03\x02\x15\x1e\x06+\x04\x03\n%\a\n\x01\x01\x01\x02\x01\x0e\x02\x02"},
- {"go/version", "\xba\x01v"},
- {"hash", "\xea\x01"},
- {"hash/adler32", "m\x16\x16"},
- {"hash/crc32", "m\x16\x16\x14\x85\x01\x01\x12"},
- {"hash/crc64", "m\x16\x16\x99\x01"},
- {"hash/fnv", "m\x16\x16`"},
- {"hash/maphash", "\x94\x01\x05\x1b\x03@N"},
- {"html", "\xb0\x02\x02\x11"},
- {"html/template", "\x03g\x06\x19,5\x01\v \x05\x01\x02\x03\x0e\x01\x02\v\x01\x03\x02"},
- {"image", "\x02k\x1f^\x0f6\x03\x01"},
+ {"encoding/ascii85", "\xf1\x01C"},
+ {"encoding/asn1", "\x03k\x03\x8c\x01\x01'\r\x02\x01\x10\x03\x01"},
+ {"encoding/base32", "\xf1\x01A\x02"},
+ {"encoding/base64", "\x99\x01XA\x02"},
+ {"encoding/binary", "n\x83\x01\f(\r\x05"},
+ {"encoding/csv", "\x02\x01k\x03\x80\x01D\x12\x02"},
+ {"encoding/gob", "\x02`\x05\a\x03e\x1b\v\x01\x03\x1d\b\x12\x01\x0f\x02"},
+ {"encoding/hex", "n\x03\x80\x01A\x03"},
+ {"encoding/json", "\x03\x01^\x04\b\x03\x80\x01\f(\r\x02\x01\x02\x10\x01\x01\x02"},
+ {"encoding/pem", "\x03c\b\x83\x01A\x03"},
+ {"encoding/xml", "\x02\x01_\f\x03\x80\x014\x05\n\x01\x02\x10\x02"},
+ {"errors", "\xca\x01\x81\x01"},
+ {"expvar", "kK?\b\v\x15\r\b\x02\x03\x01\x11"},
+ {"flag", "b\f\x03\x80\x01,\b\x05\b\x02\x01\x10"},
+ {"fmt", "nE>\f \b\r\x02\x03\x12"},
+ {"go/ast", "\x03\x01m\x0e\x01q\x03)\b\r\x02\x01"},
+ {"go/build", "\x02\x01k\x03\x01\x02\x02\a\x02\x01\x17\x1f\x04\x02\t\x19\x13\x01+\x01\x04\x01\a\b\x02\x01\x12\x02\x02"},
+ {"go/build/constraint", "n\xc6\x01\x01\x12\x02"},
+ {"go/constant", "q\x0f}\x01\x024\x01\x02\x12"},
+ {"go/doc", "\x04m\x01\x05\t>31\x10\x02\x01\x12\x02"},
+ {"go/doc/comment", "\x03n\xc1\x01\x01\x01\x01\x12\x02"},
+ {"go/format", "\x03n\x01\v\x01\x02qD"},
+ {"go/importer", "s\a\x01\x01\x04\x01p9"},
+ {"go/internal/gccgoimporter", "\x02\x01X\x13\x03\x04\v\x01n\x02,\x01\x05\x11\x01\f\b"},
+ {"go/internal/gcimporter", "\x02o\x0f\x010\x05\x0e-,\x15\x03\x02"},
+ {"go/internal/srcimporter", "q\x01\x01\n\x03\x01p,\x01\x05\x12\x02\x14"},
+ {"go/parser", "\x03k\x03\x01\x02\v\x01q\x01+\x06\x12"},
+ {"go/printer", "q\x01\x02\x03\tq\f \x15\x02\x01\x02\v\x05\x02"},
+ {"go/scanner", "\x03n\x0fq2\x10\x01\x13\x02"},
+ {"go/token", "\x04m\x83\x01>\x02\x03\x01\x0f\x02"},
+ {"go/types", "\x03\x01\x06d\x03\x01\x03\b\x03\x02\x15\x1f\x061\x04\x03\t \x06\a\b\x01\x01\x01\x02\x01\x0f\x02\x02"},
+ {"go/version", "\xbb\x01z"},
+ {"hash", "\xf1\x01"},
+ {"hash/adler32", "n\x15\x16"},
+ {"hash/crc32", "n\x15\x16\x15\x89\x01\x01\x13"},
+ {"hash/crc64", "n\x15\x16\x9e\x01"},
+ {"hash/fnv", "n\x15\x16g"},
+ {"hash/maphash", "\x83\x01\x11!\x03\x93\x01"},
+ {"html", "\xb5\x02\x02\x12"},
+ {"html/template", "\x03h\x06\x18-;\x01\n!\x05\x01\x02\x03\f\x01\x02\f\x01\x03\x02"},
+ {"image", "\x02l\x1ee\x0f4\x03\x01"},
{"image/color", ""},
{"image/color/palette", "\x8c\x01"},
{"image/draw", "\x8b\x01\x01\x04"},
- {"image/gif", "\x02\x01\x05e\x03\x1b\x01\x01\x01\vQ"},
+ {"image/gif", "\x02\x01\x05f\x03\x1a\x01\x01\x01\vX"},
{"image/internal/imageutil", "\x8b\x01"},
- {"image/jpeg", "\x02k\x1e\x01\x04Z"},
- {"image/png", "\x02\a]\n\x13\x02\x06\x01^E"},
- {"index/suffixarray", "\x03c\a}\r*\f\x01"},
- {"internal/abi", "\xb4\x01\x91\x01"},
- {"internal/asan", "\xc5\x02"},
- {"internal/bisect", "\xa3\x02\x0f\x01"},
- {"internal/buildcfg", "pG_\x06\x02\x05\f\x01"},
- {"internal/bytealg", "\xad\x01\x98\x01"},
+ {"image/jpeg", "\x02l\x1d\x01\x04a"},
+ {"image/png", "\x02\a^\n\x12\x02\x06\x01eC"},
+ {"index/suffixarray", "\x03d\a\x83\x01\f+\n\x01"},
+ {"internal/abi", "\xb5\x01\x96\x01"},
+ {"internal/asan", "\xcb\x02"},
+ {"internal/bisect", "\xaa\x02\r\x01"},
+ {"internal/buildcfg", "qGe\x06\x02\x05\n\x01"},
+ {"internal/bytealg", "\xae\x01\x9d\x01"},
{"internal/byteorder", ""},
{"internal/cfg", ""},
- {"internal/chacha8rand", "\x99\x01\x1b\x91\x01"},
+ {"internal/cgrouptest", "q[Q\x06\x0f\x02\x01\x04\x01"},
+ {"internal/chacha8rand", "\x99\x01\x15\a\x96\x01"},
{"internal/copyright", ""},
{"internal/coverage", ""},
{"internal/coverage/calloc", ""},
- {"internal/coverage/cfile", "j\x06\x17\x16\x01\x02\x01\x01\x01\x01\x01\x01\x01#\x01\x1f,\x06\a\f\x01\x03\f\x06"},
- {"internal/coverage/cformat", "\x04l-\x04I\f7\x01\x02\f"},
- {"internal/coverage/cmerge", "p-Z"},
- {"internal/coverage/decodecounter", "f\n-\v\x02@,\x19\x16"},
- {"internal/coverage/decodemeta", "\x02d\n\x17\x16\v\x02@,"},
- {"internal/coverage/encodecounter", "\x02d\n-\f\x01\x02>\f \x17"},
- {"internal/coverage/encodemeta", "\x02\x01c\n\x13\x04\x16\r\x02>,/"},
- {"internal/coverage/pods", "\x04l-y\x06\x05\f\x02\x01"},
- {"internal/coverage/rtcov", "\xc5\x02"},
- {"internal/coverage/slicereader", "f\nz["},
- {"internal/coverage/slicewriter", "pz"},
- {"internal/coverage/stringtab", "p8\x04>"},
+ {"internal/coverage/cfile", "k\x06\x16\x17\x01\x02\x01\x01\x01\x01\x01\x01\x01#\x02$,\x06\a\n\x01\x03\r\x06"},
+ {"internal/coverage/cformat", "\x04m-\x04O\v6\x01\x02\r"},
+ {"internal/coverage/cmerge", "q-_"},
+ {"internal/coverage/decodecounter", "g\n-\v\x02F,\x17\x17"},
+ {"internal/coverage/decodemeta", "\x02e\n\x16\x17\v\x02F,"},
+ {"internal/coverage/encodecounter", "\x02e\n-\f\x01\x02D\v!\x15"},
+ {"internal/coverage/encodemeta", "\x02\x01d\n\x12\x04\x17\r\x02D,."},
+ {"internal/coverage/pods", "\x04m-\x7f\x06\x05\n\x02\x01"},
+ {"internal/coverage/rtcov", "\xcb\x02"},
+ {"internal/coverage/slicereader", "g\n\x80\x01Z"},
+ {"internal/coverage/slicewriter", "q\x80\x01"},
+ {"internal/coverage/stringtab", "q8\x04D"},
{"internal/coverage/test", ""},
{"internal/coverage/uleb128", ""},
- {"internal/cpu", "\xc5\x02"},
- {"internal/dag", "\x04l\xbd\x01\x03"},
- {"internal/diff", "\x03m\xbe\x01\x02"},
- {"internal/exportdata", "\x02\x01j\x03\x03]\x1a,\x01\x05\x13\x01\x02"},
- {"internal/filepathlite", "m+:\x19B"},
- {"internal/fmtsort", "\x04\x9a\x02\x0f"},
- {"internal/fuzz", "\x03\nA\x18\x04\x03\x03\x01\f\x0355\r\x02\x1d\x01\x05\x02\x05\f\x01\x02\x01\x01\v\x04\x02"},
+ {"internal/cpu", "\xcb\x02"},
+ {"internal/dag", "\x04m\xc1\x01\x03"},
+ {"internal/diff", "\x03n\xc2\x01\x02"},
+ {"internal/exportdata", "\x02\x01k\x03\x02c\x1b,\x01\x05\x11\x01\x02"},
+ {"internal/filepathlite", "n*@\x1a@"},
+ {"internal/fmtsort", "\x04\xa1\x02\r"},
+ {"internal/fuzz", "\x03\nB\x18\x04\x03\x03\x01\v\x036;\f\x03\x1d\x01\x05\x02\x05\n\x01\x02\x01\x01\f\x04\x02"},
{"internal/goarch", ""},
- {"internal/godebug", "\x96\x01 |\x01\x12"},
+ {"internal/godebug", "\x96\x01!\x80\x01\x01\x13"},
{"internal/godebugs", ""},
{"internal/goexperiment", ""},
{"internal/goos", ""},
- {"internal/goroot", "\x96\x02\x01\x05\x14\x02"},
+ {"internal/goroot", "\x9d\x02\x01\x05\x12\x02"},
{"internal/gover", "\x04"},
{"internal/goversion", ""},
{"internal/itoa", ""},
- {"internal/lazyregexp", "\x96\x02\v\x0f\x02"},
- {"internal/lazytemplate", "\xea\x01,\x1a\x02\v"},
- {"internal/msan", "\xc5\x02"},
+ {"internal/lazyregexp", "\x9d\x02\v\r\x02"},
+ {"internal/lazytemplate", "\xf1\x01,\x18\x02\f"},
+ {"internal/msan", "\xcb\x02"},
{"internal/nettrace", ""},
- {"internal/obscuretestdata", "e\x85\x01,"},
- {"internal/oserror", "m"},
- {"internal/pkgbits", "\x03K\x18\a\x03\x05\vj\x0e\x1e\r\f\x01"},
+ {"internal/obscuretestdata", "f\x8b\x01,"},
+ {"internal/oserror", "n"},
+ {"internal/pkgbits", "\x03L\x18\a\x03\x04\vq\r\x1f\r\n\x01"},
{"internal/platform", ""},
- {"internal/poll", "mO\x1a\x149\x0f\x01\x01\v\x06"},
- {"internal/profile", "\x03\x04f\x03z7\r\x01\x01\x0f"},
+ {"internal/poll", "nO\x1f\x159\r\x01\x01\f\x06"},
+ {"internal/profile", "\x03\x04g\x03\x80\x017\v\x01\x01\x10"},
{"internal/profilerecord", ""},
- {"internal/race", "\x94\x01\xb1\x01"},
- {"internal/reflectlite", "\x94\x01 3<\""},
- {"internal/runtime/atomic", "\xc5\x02"},
- {"internal/runtime/exithook", "\xca\x01{"},
- {"internal/runtime/maps", "\x94\x01\x01\x1f\v\t\x05\x01w"},
- {"internal/runtime/math", "\xb4\x01"},
- {"internal/runtime/sys", "\xb4\x01\x04"},
- {"internal/runtime/syscall", "\xc5\x02"},
- {"internal/saferio", "\xea\x01["},
- {"internal/singleflight", "\xb2\x02"},
- {"internal/stringslite", "\x98\x01\xad\x01"},
- {"internal/sync", "\x94\x01 \x14k\x12"},
- {"internal/synctest", "\xc5\x02"},
- {"internal/syscall/execenv", "\xb4\x02"},
- {"internal/syscall/unix", "\xa3\x02\x10\x01\x11"},
- {"internal/sysinfo", "\x02\x01\xaa\x01=,\x1a\x02"},
+ {"internal/race", "\x94\x01\xb7\x01"},
+ {"internal/reflectlite", "\x94\x01!9\b\x13\x01\a\x03E;\x01\x03\a\x01\x03\x02\x02\x01\x02\x06\x02\x01\x01\n\x01\x01\x05\x01\x02\x05\b\x01\x01\x01\x02\x01\r\x02\x02\x02\b\x01\x01\x01"},
+ {"net/http/cgi", "\x02Q\x1b\x03\x80\x01\x04\a\v\x01\x13\x01\x01\x01\x04\x01\x05\x02\b\x02\x01\x10\x0e"},
+ {"net/http/cookiejar", "\x04j\x03\x96\x01\x01\b\f\x16\x03\x02\x0e\x04"},
+ {"net/http/fcgi", "\x02\x01\nZ\a\x03\x80\x01\x16\x01\x01\x14\x18\x02\x0e"},
+ {"net/http/httptest", "\x02\x01\nF\x02\x1b\x01\x80\x01\x04\x12\x01\n\t\x02\x17\x01\x02\x0e\x0e"},
+ {"net/http/httptrace", "\rFnF\x14\n "},
+ {"net/http/httputil", "\x02\x01\na\x03\x80\x01\x04\x0f\x03\x01\x05\x02\x01\v\x01\x19\x02\x0e\x0e"},
+ {"net/http/internal", "\x02\x01k\x03\x80\x01"},
+ {"net/http/internal/ascii", "\xb5\x02\x12"},
+ {"net/http/internal/httpcommon", "\ra\x03\x9c\x01\x0e\x01\x17\x01\x01\x02\x1c\x02"},
+ {"net/http/internal/testcert", "\xb5\x02"},
+ {"net/http/pprof", "\x02\x01\nd\x18-\x11*\x04\x13\x14\x01\r\x04\x03\x01\x02\x01\x10"},
{"net/internal/cgotest", ""},
- {"net/internal/socktest", "p\xc2\x01\x02"},
- {"net/mail", "\x02k\x03z\x04\x0f\x03\x14\x1c\x02\r\x04"},
- {"net/netip", "\x04i+\x01#;\x026\x15"},
- {"net/rpc", "\x02f\x05\x03\x10\n`\x04\x12\x01\x1d\x0f\x03\x02"},
- {"net/rpc/jsonrpc", "j\x03\x03z\x16\x11!"},
- {"net/smtp", "\x19.\v\x13\b\x03z\x16\x14\x1c"},
- {"net/textproto", "\x02\x01j\x03z\r\t/\x01\x02\x13"},
- {"net/url", "m\x03\x86\x01%\x12\x02\x01\x15"},
- {"os", "m+\x01\x18\x03\b\t\r\x03\x01\x04\x10\x018\n\x05\x01\x01\v\x06"},
- {"os/exec", "\x03\n`H \x01\x14\x01+\x06\a\f\x01\x04\v"},
- {"os/exec/internal/fdtest", "\xb4\x02"},
- {"os/signal", "\r\x89\x02\x17\x05\x02"},
- {"os/user", "\x02\x01j\x03z,\r\f\x01\x02"},
- {"path", "m+\xab\x01"},
- {"path/filepath", "m+\x19:+\r\n\x03\x04\x0f"},
- {"plugin", "m"},
- {"reflect", "m'\x04\x1c\b\f\x04\x02\x19\x10,\f\x03\x0f\x02\x02"},
+ {"net/internal/socktest", "q\xc6\x01\x02"},
+ {"net/mail", "\x02l\x03\x80\x01\x04\x0f\x03\x14\x1a\x02\x0e\x04"},
+ {"net/netip", "\x04j*\x01$@\x034\x16"},
+ {"net/rpc", "\x02g\x05\x03\x0f\ng\x04\x12\x01\x1d\r\x03\x02"},
+ {"net/rpc/jsonrpc", "k\x03\x03\x80\x01\x16\x11\x1f"},
+ {"net/smtp", "\x19/\v\x13\b\x03\x80\x01\x16\x14\x1a"},
+ {"net/textproto", "\x02\x01k\x03\x80\x01\f\n-\x01\x02\x14"},
+ {"net/url", "n\x03\x8b\x01&\x10\x02\x01\x16"},
+ {"os", "n*\x01\x19\x03\b\t\x12\x03\x01\x05\x10\x018\b\x05\x01\x01\f\x06"},
+ {"os/exec", "\x03\naH%\x01\x15\x01+\x06\a\n\x01\x04\f"},
+ {"os/exec/internal/fdtest", "\xb9\x02"},
+ {"os/signal", "\r\x90\x02\x15\x05\x02"},
+ {"os/user", "\x02\x01k\x03\x80\x01,\r\n\x01\x02"},
+ {"path", "n*\xb1\x01"},
+ {"path/filepath", "n*\x1a@+\r\b\x03\x04\x10"},
+ {"plugin", "n"},
+ {"reflect", "n&\x04\x1d\b\f\x06\x04\x1b\x06\t-\n\x03\x10\x02\x02"},
{"reflect/internal/example1", ""},
{"reflect/internal/example2", ""},
- {"regexp", "\x03\xe7\x018\v\x02\x01\x02\x0f\x02"},
- {"regexp/syntax", "\xad\x02\x01\x01\x01\x11\x02"},
- {"runtime", "\x94\x01\x04\x01\x02\f\x06\a\x02\x01\x01\x0f\x03\x01\x01\x01\x01\x01\x03\x0fd"},
- {"runtime/coverage", "\x9f\x01K"},
- {"runtime/debug", "pUQ\r\n\x02\x01\x0f\x06"},
- {"runtime/internal/startlinetest", ""},
- {"runtime/internal/wasitest", ""},
- {"runtime/metrics", "\xb6\x01A,\""},
- {"runtime/pprof", "\x02\x01\x01\x03\x06Y\a\x03$3#\r\x1f\r\n\x01\x01\x01\x02\x02\b\x03\x06"},
- {"runtime/race", "\xab\x02"},
+ {"regexp", "\x03\xee\x018\t\x02\x01\x02\x10\x02"},
+ {"regexp/syntax", "\xb2\x02\x01\x01\x01\x02\x10\x02"},
+ {"runtime", "\x94\x01\x04\x01\x03\f\x06\a\x02\x01\x01\x0f\x03\x01\x01\x01\x01\x01\x02\x01\x01\x04\x10c"},
+ {"runtime/coverage", "\xa0\x01Q"},
+ {"runtime/debug", "qUW\r\b\x02\x01\x10\x06"},
+ {"runtime/metrics", "\xb7\x01F-!"},
+ {"runtime/pprof", "\x02\x01\x01\x03\x06Z\a\x03#4)\f \r\b\x01\x01\x01\x02\x02\t\x03\x06"},
+ {"runtime/race", "\xb0\x02"},
{"runtime/race/internal/amd64v1", ""},
- {"runtime/trace", "\rcz9\x0f\x01\x12"},
- {"slices", "\x04\xe9\x01\fL"},
- {"sort", "\xc9\x0104"},
- {"strconv", "m+:%\x02J"},
- {"strings", "m'\x04:\x18\x03\f9\x0f\x02\x02"},
+ {"runtime/trace", "\ra\x03w\t9\b\x05\x01\r\x06"},
+ {"slices", "\x04\xf0\x01\fK"},
+ {"sort", "\xca\x0162"},
+ {"strconv", "n*@%\x03I"},
+ {"strings", "n&\x04@\x19\x03\f7\x10\x02\x02"},
{"structs", ""},
- {"sync", "\xc8\x01\vP\x10\x12"},
- {"sync/atomic", "\xc5\x02"},
- {"syscall", "m(\x03\x01\x1b\b\x03\x03\x06\aT\n\x05\x01\x12"},
- {"testing", "\x03\n`\x02\x01X\x0f\x13\r\x04\x1b\x06\x02\x05\x02\a\x01\x02\x01\x02\x01\f\x02\x02\x02"},
- {"testing/fstest", "m\x03z\x01\v%\x12\x03\b\a"},
- {"testing/internal/testdeps", "\x02\v\xa6\x01'\x10,\x03\x05\x03\b\a\x02\r"},
- {"testing/iotest", "\x03j\x03z\x04"},
- {"testing/quick", "o\x01\x87\x01\x04#\x12\x0f"},
- {"testing/slogtest", "\r`\x03\x80\x01.\x05\x12\n"},
- {"text/scanner", "\x03mz,+\x02"},
- {"text/tabwriter", "pzY"},
- {"text/template", "m\x03B8\x01\v\x1f\x01\x05\x01\x02\x05\r\x02\f\x03\x02"},
- {"text/template/parse", "\x03m\xb3\x01\f\x01\x11\x02"},
- {"time", "m+\x1d\x1d'*\x0f\x02\x11"},
- {"time/tzdata", "m\xc7\x01\x11"},
+ {"sync", "\xc9\x01\x10\x01P\x0e\x13"},
+ {"sync/atomic", "\xcb\x02"},
+ {"syscall", "n'\x03\x01\x1c\b\x03\x03\x06\vV\b\x05\x01\x13"},
+ {"testing", "\x03\na\x02\x01X\x14\x14\f\x05\x1b\x06\x02\x05\x02\x05\x01\x02\x01\x02\x01\r\x02\x02\x02"},
+ {"testing/fstest", "n\x03\x80\x01\x01\n&\x10\x03\b\b"},
+ {"testing/internal/testdeps", "\x02\v\xa7\x01-\x10,\x03\x05\x03\x06\a\x02\x0e"},
+ {"testing/iotest", "\x03k\x03\x80\x01\x04"},
+ {"testing/quick", "p\x01\x8c\x01\x05#\x10\x10"},
+ {"testing/slogtest", "\ra\x03\x86\x01.\x05\x10\v"},
+ {"testing/synctest", "\xda\x01`\x11"},
+ {"text/scanner", "\x03n\x80\x01,*\x02"},
+ {"text/tabwriter", "q\x80\x01X"},
+ {"text/template", "n\x03B>\x01\n \x01\x05\x01\x02\x05\v\x02\r\x03\x02"},
+ {"text/template/parse", "\x03n\xb9\x01\n\x01\x12\x02"},
+ {"time", "n*\x1e\"(*\r\x02\x12"},
+ {"time/tzdata", "n\xcb\x01\x12"},
{"unicode", ""},
{"unicode/utf16", ""},
{"unicode/utf8", ""},
- {"unique", "\x94\x01>\x01P\x0f\x13\x12"},
+ {"unique", "\x94\x01!#\x01Q\r\x01\x13\x12"},
{"unsafe", ""},
- {"vendor/golang.org/x/crypto/chacha20", "\x10V\a\x8c\x01*'"},
- {"vendor/golang.org/x/crypto/chacha20poly1305", "\x10V\a\xd9\x01\x04\x01\a"},
- {"vendor/golang.org/x/crypto/cryptobyte", "c\n\x03\x88\x01&!\n"},
+ {"vendor/golang.org/x/crypto/chacha20", "\x10W\a\x92\x01*&"},
+ {"vendor/golang.org/x/crypto/chacha20poly1305", "\x10W\a\xde\x01\x04\x01\a"},
+ {"vendor/golang.org/x/crypto/cryptobyte", "d\n\x03\x8d\x01' \n"},
{"vendor/golang.org/x/crypto/cryptobyte/asn1", ""},
- {"vendor/golang.org/x/crypto/internal/alias", "\xc5\x02"},
- {"vendor/golang.org/x/crypto/internal/poly1305", "Q\x15\x93\x01"},
- {"vendor/golang.org/x/net/dns/dnsmessage", "m"},
- {"vendor/golang.org/x/net/http/httpguts", "\x80\x02\x14\x1c\x13\r"},
- {"vendor/golang.org/x/net/http/httpproxy", "m\x03\x90\x01\x15\x01\x1a\x13\r"},
- {"vendor/golang.org/x/net/http2/hpack", "\x03j\x03zH"},
- {"vendor/golang.org/x/net/idna", "p\x87\x019\x13\x10\x02\x01"},
- {"vendor/golang.org/x/net/nettest", "\x03c\a\x03z\x11\x05\x16\x01\f\f\x01\x02\x02\x01\n"},
- {"vendor/golang.org/x/sys/cpu", "\x96\x02\r\f\x01\x15"},
- {"vendor/golang.org/x/text/secure/bidirule", "m\xd6\x01\x11\x01"},
- {"vendor/golang.org/x/text/transform", "\x03j}Y"},
- {"vendor/golang.org/x/text/unicode/bidi", "\x03\be~@\x15"},
- {"vendor/golang.org/x/text/unicode/norm", "f\nzH\x11\x11"},
- {"weak", "\x94\x01\x8f\x01\""},
+ {"vendor/golang.org/x/crypto/internal/alias", "\xcb\x02"},
+ {"vendor/golang.org/x/crypto/internal/poly1305", "R\x15\x99\x01"},
+ {"vendor/golang.org/x/net/dns/dnsmessage", "n"},
+ {"vendor/golang.org/x/net/http/httpguts", "\x87\x02\x14\x1a\x14\r"},
+ {"vendor/golang.org/x/net/http/httpproxy", "n\x03\x96\x01\x10\x05\x01\x18\x14\r"},
+ {"vendor/golang.org/x/net/http2/hpack", "\x03k\x03\x80\x01F"},
+ {"vendor/golang.org/x/net/idna", "q\x8c\x018\x14\x10\x02\x01"},
+ {"vendor/golang.org/x/net/nettest", "\x03d\a\x03\x80\x01\x11\x05\x16\x01\f\n\x01\x02\x02\x01\v"},
+ {"vendor/golang.org/x/sys/cpu", "\x9d\x02\r\n\x01\x16"},
+ {"vendor/golang.org/x/text/secure/bidirule", "n\xdb\x01\x11\x01"},
+ {"vendor/golang.org/x/text/transform", "\x03k\x83\x01X"},
+ {"vendor/golang.org/x/text/unicode/bidi", "\x03\bf\x84\x01>\x16"},
+ {"vendor/golang.org/x/text/unicode/norm", "g\n\x80\x01F\x12\x11"},
+ {"weak", "\x94\x01\x96\x01!"},
}
diff --git a/vendor/golang.org/x/tools/internal/stdlib/manifest.go b/vendor/golang.org/x/tools/internal/stdlib/manifest.go
index 64f0326b64..c1faa50d36 100644
--- a/vendor/golang.org/x/tools/internal/stdlib/manifest.go
+++ b/vendor/golang.org/x/tools/internal/stdlib/manifest.go
@@ -502,6 +502,7 @@ var PackageSymbols = map[string][]Symbol{
{"MD4", Const, 0, ""},
{"MD5", Const, 0, ""},
{"MD5SHA1", Const, 0, ""},
+ {"MessageSigner", Type, 25, ""},
{"PrivateKey", Type, 0, ""},
{"PublicKey", Type, 2, ""},
{"RIPEMD160", Const, 0, ""},
@@ -517,6 +518,7 @@ var PackageSymbols = map[string][]Symbol{
{"SHA512", Const, 0, ""},
{"SHA512_224", Const, 5, ""},
{"SHA512_256", Const, 5, ""},
+ {"SignMessage", Func, 25, "func(signer Signer, rand io.Reader, msg []byte, opts SignerOpts) (signature []byte, err error)"},
{"Signer", Type, 4, ""},
{"SignerOpts", Type, 4, ""},
},
@@ -600,10 +602,12 @@ var PackageSymbols = map[string][]Symbol{
{"X25519", Func, 20, "func() Curve"},
},
"crypto/ecdsa": {
+ {"(*PrivateKey).Bytes", Method, 25, ""},
{"(*PrivateKey).ECDH", Method, 20, ""},
{"(*PrivateKey).Equal", Method, 15, ""},
{"(*PrivateKey).Public", Method, 4, ""},
{"(*PrivateKey).Sign", Method, 4, ""},
+ {"(*PublicKey).Bytes", Method, 25, ""},
{"(*PublicKey).ECDH", Method, 20, ""},
{"(*PublicKey).Equal", Method, 15, ""},
{"(PrivateKey).Add", Method, 0, ""},
@@ -619,6 +623,8 @@ var PackageSymbols = map[string][]Symbol{
{"(PublicKey).ScalarBaseMult", Method, 0, ""},
{"(PublicKey).ScalarMult", Method, 0, ""},
{"GenerateKey", Func, 0, "func(c elliptic.Curve, rand io.Reader) (*PrivateKey, error)"},
+ {"ParseRawPrivateKey", Func, 25, "func(curve elliptic.Curve, data []byte) (*PrivateKey, error)"},
+ {"ParseUncompressedPublicKey", Func, 25, "func(curve elliptic.Curve, data []byte) (*PublicKey, error)"},
{"PrivateKey", Type, 0, ""},
{"PrivateKey.D", Field, 0, ""},
{"PrivateKey.PublicKey", Field, 0, ""},
@@ -815,6 +821,7 @@ var PackageSymbols = map[string][]Symbol{
"crypto/sha3": {
{"(*SHA3).AppendBinary", Method, 24, ""},
{"(*SHA3).BlockSize", Method, 24, ""},
+ {"(*SHA3).Clone", Method, 25, ""},
{"(*SHA3).MarshalBinary", Method, 24, ""},
{"(*SHA3).Reset", Method, 24, ""},
{"(*SHA3).Size", Method, 24, ""},
@@ -967,6 +974,7 @@ var PackageSymbols = map[string][]Symbol{
{"Config.GetCertificate", Field, 4, ""},
{"Config.GetClientCertificate", Field, 8, ""},
{"Config.GetConfigForClient", Field, 8, ""},
+ {"Config.GetEncryptedClientHelloKeys", Field, 25, ""},
{"Config.InsecureSkipVerify", Field, 0, ""},
{"Config.KeyLogWriter", Field, 8, ""},
{"Config.MaxVersion", Field, 2, ""},
@@ -5463,6 +5471,7 @@ var PackageSymbols = map[string][]Symbol{
{"ParenExpr.X", Field, 0, ""},
{"Pkg", Const, 0, ""},
{"Preorder", Func, 23, "func(root Node) iter.Seq[Node]"},
+ {"PreorderStack", Func, 25, "func(root Node, stack []Node, f func(n Node, stack []Node) bool)"},
{"Print", Func, 0, "func(fset *token.FileSet, x any) error"},
{"RECV", Const, 0, ""},
{"RangeStmt", Type, 0, ""},
@@ -5933,6 +5942,7 @@ var PackageSymbols = map[string][]Symbol{
{"(*File).SetLines", Method, 0, ""},
{"(*File).SetLinesForContent", Method, 0, ""},
{"(*File).Size", Method, 0, ""},
+ {"(*FileSet).AddExistingFiles", Method, 25, ""},
{"(*FileSet).AddFile", Method, 0, ""},
{"(*FileSet).Base", Method, 0, ""},
{"(*FileSet).File", Method, 0, ""},
@@ -6382,7 +6392,7 @@ var PackageSymbols = map[string][]Symbol{
{"Label", Type, 5, ""},
{"LocalVar", Const, 25, ""},
{"LookupFieldOrMethod", Func, 5, "func(T Type, addressable bool, pkg *Package, name string) (obj Object, index []int, indirect bool)"},
- {"LookupSelection", Func, 25, ""},
+ {"LookupSelection", Func, 25, "func(T Type, addressable bool, pkg *Package, name string) (Selection, bool)"},
{"Map", Type, 5, ""},
{"MethodExpr", Const, 5, ""},
{"MethodSet", Type, 5, ""},
@@ -6490,9 +6500,11 @@ var PackageSymbols = map[string][]Symbol{
{"Lang", Func, 22, "func(x string) string"},
},
"hash": {
+ {"Cloner", Type, 25, ""},
{"Hash", Type, 0, ""},
{"Hash32", Type, 0, ""},
{"Hash64", Type, 0, ""},
+ {"XOF", Type, 25, ""},
},
"hash/adler32": {
{"Checksum", Func, 0, "func(data []byte) uint32"},
@@ -6533,6 +6545,7 @@ var PackageSymbols = map[string][]Symbol{
},
"hash/maphash": {
{"(*Hash).BlockSize", Method, 14, ""},
+ {"(*Hash).Clone", Method, 25, ""},
{"(*Hash).Reset", Method, 14, ""},
{"(*Hash).Seed", Method, 14, ""},
{"(*Hash).SetSeed", Method, 14, ""},
@@ -7133,7 +7146,7 @@ var PackageSymbols = map[string][]Symbol{
{"FormatFileInfo", Func, 21, "func(info FileInfo) string"},
{"Glob", Func, 16, "func(fsys FS, pattern string) (matches []string, err error)"},
{"GlobFS", Type, 16, ""},
- {"Lstat", Func, 25, ""},
+ {"Lstat", Func, 25, "func(fsys FS, name string) (FileInfo, error)"},
{"ModeAppend", Const, 16, ""},
{"ModeCharDevice", Const, 16, ""},
{"ModeDevice", Const, 16, ""},
@@ -7158,7 +7171,7 @@ var PackageSymbols = map[string][]Symbol{
{"ReadDirFile", Type, 16, ""},
{"ReadFile", Func, 16, "func(fsys FS, name string) ([]byte, error)"},
{"ReadFileFS", Type, 16, ""},
- {"ReadLink", Func, 25, ""},
+ {"ReadLink", Func, 25, "func(fsys FS, name string) (string, error)"},
{"ReadLinkFS", Type, 25, ""},
{"SkipAll", Var, 20, ""},
{"SkipDir", Var, 16, ""},
@@ -7275,6 +7288,7 @@ var PackageSymbols = map[string][]Symbol{
{"(Record).Attrs", Method, 21, ""},
{"(Record).Clone", Method, 21, ""},
{"(Record).NumAttrs", Method, 21, ""},
+ {"(Record).Source", Method, 25, ""},
{"(Value).Any", Method, 21, ""},
{"(Value).Bool", Method, 21, ""},
{"(Value).Duration", Method, 21, ""},
@@ -7306,6 +7320,7 @@ var PackageSymbols = map[string][]Symbol{
{"Float64", Func, 21, "func(key string, v float64) Attr"},
{"Float64Value", Func, 21, "func(v float64) Value"},
{"Group", Func, 21, "func(key string, args ...any) Attr"},
+ {"GroupAttrs", Func, 25, "func(key string, attrs ...Attr) Attr"},
{"GroupValue", Func, 21, "func(as ...Attr) Value"},
{"Handler", Type, 21, ""},
{"HandlerOptions", Type, 21, ""},
@@ -7916,7 +7931,7 @@ var PackageSymbols = map[string][]Symbol{
{"(*Writer).WriteField", Method, 0, ""},
{"ErrMessageTooLarge", Var, 9, ""},
{"File", Type, 0, ""},
- {"FileContentDisposition", Func, 25, ""},
+ {"FileContentDisposition", Func, 25, "func(fieldname string, filename string) string"},
{"FileHeader", Type, 0, ""},
{"FileHeader.Filename", Field, 0, ""},
{"FileHeader.Header", Field, 0, ""},
@@ -8294,6 +8309,11 @@ var PackageSymbols = map[string][]Symbol{
{"(*Client).PostForm", Method, 0, ""},
{"(*Cookie).String", Method, 0, ""},
{"(*Cookie).Valid", Method, 18, ""},
+ {"(*CrossOriginProtection).AddInsecureBypassPattern", Method, 25, ""},
+ {"(*CrossOriginProtection).AddTrustedOrigin", Method, 25, ""},
+ {"(*CrossOriginProtection).Check", Method, 25, ""},
+ {"(*CrossOriginProtection).Handler", Method, 25, ""},
+ {"(*CrossOriginProtection).SetDenyHandler", Method, 25, ""},
{"(*MaxBytesError).Error", Method, 19, ""},
{"(*ProtocolError).Error", Method, 0, ""},
{"(*ProtocolError).Is", Method, 21, ""},
@@ -8388,6 +8408,7 @@ var PackageSymbols = map[string][]Symbol{
{"Cookie.Unparsed", Field, 0, ""},
{"Cookie.Value", Field, 0, ""},
{"CookieJar", Type, 0, ""},
+ {"CrossOriginProtection", Type, 25, ""},
{"DefaultClient", Var, 0, ""},
{"DefaultMaxHeaderBytes", Const, 0, ""},
{"DefaultMaxIdleConnsPerHost", Const, 0, ""},
@@ -8460,6 +8481,7 @@ var PackageSymbols = map[string][]Symbol{
{"MethodPost", Const, 6, ""},
{"MethodPut", Const, 6, ""},
{"MethodTrace", Const, 6, ""},
+ {"NewCrossOriginProtection", Func, 25, "func() *CrossOriginProtection"},
{"NewFileTransport", Func, 0, "func(fs FileSystem) RoundTripper"},
{"NewFileTransportFS", Func, 22, "func(fsys fs.FS) RoundTripper"},
{"NewRequest", Func, 0, "func(method string, url string, body io.Reader) (*Request, error)"},
@@ -9174,15 +9196,19 @@ var PackageSymbols = map[string][]Symbol{
{"(*Root).Link", Method, 25, ""},
{"(*Root).Lstat", Method, 24, ""},
{"(*Root).Mkdir", Method, 24, ""},
+ {"(*Root).MkdirAll", Method, 25, ""},
{"(*Root).Name", Method, 24, ""},
{"(*Root).Open", Method, 24, ""},
{"(*Root).OpenFile", Method, 24, ""},
{"(*Root).OpenRoot", Method, 24, ""},
+ {"(*Root).ReadFile", Method, 25, ""},
{"(*Root).Readlink", Method, 25, ""},
{"(*Root).Remove", Method, 24, ""},
+ {"(*Root).RemoveAll", Method, 25, ""},
{"(*Root).Rename", Method, 25, ""},
{"(*Root).Stat", Method, 24, ""},
{"(*Root).Symlink", Method, 25, ""},
+ {"(*Root).WriteFile", Method, 25, ""},
{"(*SyscallError).Error", Method, 0, ""},
{"(*SyscallError).Timeout", Method, 10, ""},
{"(*SyscallError).Unwrap", Method, 13, ""},
@@ -9623,6 +9649,7 @@ var PackageSymbols = map[string][]Symbol{
{"StructTag", Type, 0, ""},
{"Swapper", Func, 8, "func(slice any) func(i int, j int)"},
{"Type", Type, 0, ""},
+ {"TypeAssert", Func, 25, "func[T any](v Value) (T, bool)"},
{"TypeFor", Func, 22, "func[T any]() Type"},
{"TypeOf", Func, 0, "func(i any) Type"},
{"Uint", Const, 0, ""},
@@ -9909,6 +9936,7 @@ var PackageSymbols = map[string][]Symbol{
{"SetBlockProfileRate", Func, 1, "func(rate int)"},
{"SetCPUProfileRate", Func, 0, "func(hz int)"},
{"SetCgoTraceback", Func, 7, "func(version int, traceback unsafe.Pointer, context unsafe.Pointer, symbolizer unsafe.Pointer)"},
+ {"SetDefaultGOMAXPROCS", Func, 25, "func()"},
{"SetFinalizer", Func, 0, "func(obj any, finalizer any)"},
{"SetMutexProfileFraction", Func, 8, "func(rate int) int"},
{"Stack", Func, 0, "func(buf []byte, all bool) int"},
@@ -10021,11 +10049,20 @@ var PackageSymbols = map[string][]Symbol{
{"WriteHeapProfile", Func, 0, "func(w io.Writer) error"},
},
"runtime/trace": {
+ {"(*FlightRecorder).Enabled", Method, 25, ""},
+ {"(*FlightRecorder).Start", Method, 25, ""},
+ {"(*FlightRecorder).Stop", Method, 25, ""},
+ {"(*FlightRecorder).WriteTo", Method, 25, ""},
{"(*Region).End", Method, 11, ""},
{"(*Task).End", Method, 11, ""},
+ {"FlightRecorder", Type, 25, ""},
+ {"FlightRecorderConfig", Type, 25, ""},
+ {"FlightRecorderConfig.MaxBytes", Field, 25, ""},
+ {"FlightRecorderConfig.MinAge", Field, 25, ""},
{"IsEnabled", Func, 11, "func() bool"},
{"Log", Func, 11, "func(ctx context.Context, category string, message string)"},
{"Logf", Func, 11, "func(ctx context.Context, category string, format string, args ...any)"},
+ {"NewFlightRecorder", Func, 25, "func(cfg FlightRecorderConfig) *FlightRecorder"},
{"NewTask", Func, 11, "func(pctx context.Context, taskType string) (ctx context.Context, task *Task)"},
{"Region", Type, 11, ""},
{"Start", Func, 5, "func(w io.Writer) error"},
@@ -16642,6 +16679,7 @@ var PackageSymbols = map[string][]Symbol{
{"ValueOf", Func, 0, ""},
},
"testing": {
+ {"(*B).Attr", Method, 25, ""},
{"(*B).Chdir", Method, 24, ""},
{"(*B).Cleanup", Method, 14, ""},
{"(*B).Context", Method, 24, ""},
@@ -16658,6 +16696,7 @@ var PackageSymbols = map[string][]Symbol{
{"(*B).Logf", Method, 0, ""},
{"(*B).Loop", Method, 24, ""},
{"(*B).Name", Method, 8, ""},
+ {"(*B).Output", Method, 25, ""},
{"(*B).ReportAllocs", Method, 1, ""},
{"(*B).ReportMetric", Method, 13, ""},
{"(*B).ResetTimer", Method, 0, ""},
@@ -16674,6 +16713,7 @@ var PackageSymbols = map[string][]Symbol{
{"(*B).StopTimer", Method, 0, ""},
{"(*B).TempDir", Method, 15, ""},
{"(*F).Add", Method, 18, ""},
+ {"(*F).Attr", Method, 25, ""},
{"(*F).Chdir", Method, 24, ""},
{"(*F).Cleanup", Method, 18, ""},
{"(*F).Context", Method, 24, ""},
@@ -16689,6 +16729,7 @@ var PackageSymbols = map[string][]Symbol{
{"(*F).Log", Method, 18, ""},
{"(*F).Logf", Method, 18, ""},
{"(*F).Name", Method, 18, ""},
+ {"(*F).Output", Method, 25, ""},
{"(*F).Setenv", Method, 18, ""},
{"(*F).Skip", Method, 18, ""},
{"(*F).SkipNow", Method, 18, ""},
@@ -16697,6 +16738,7 @@ var PackageSymbols = map[string][]Symbol{
{"(*F).TempDir", Method, 18, ""},
{"(*M).Run", Method, 4, ""},
{"(*PB).Next", Method, 3, ""},
+ {"(*T).Attr", Method, 25, ""},
{"(*T).Chdir", Method, 24, ""},
{"(*T).Cleanup", Method, 14, ""},
{"(*T).Context", Method, 24, ""},
@@ -16712,6 +16754,7 @@ var PackageSymbols = map[string][]Symbol{
{"(*T).Log", Method, 0, ""},
{"(*T).Logf", Method, 0, ""},
{"(*T).Name", Method, 8, ""},
+ {"(*T).Output", Method, 25, ""},
{"(*T).Parallel", Method, 0, ""},
{"(*T).Run", Method, 7, ""},
{"(*T).Setenv", Method, 17, ""},
@@ -16834,6 +16877,10 @@ var PackageSymbols = map[string][]Symbol{
{"Run", Func, 22, "func(t *testing.T, newHandler func(*testing.T) slog.Handler, result func(*testing.T) map[string]any)"},
{"TestHandler", Func, 21, "func(h slog.Handler, results func() []map[string]any) error"},
},
+ "testing/synctest": {
+ {"Test", Func, 25, "func(t *testing.T, f func(*testing.T))"},
+ {"Wait", Func, 25, "func()"},
+ },
"text/scanner": {
{"(*Position).IsValid", Method, 0, ""},
{"(*Scanner).Init", Method, 0, ""},
@@ -17347,6 +17394,7 @@ var PackageSymbols = map[string][]Symbol{
{"CaseRange.Lo", Field, 0, ""},
{"CaseRanges", Var, 0, ""},
{"Categories", Var, 0, ""},
+ {"CategoryAliases", Var, 25, ""},
{"Caucasian_Albanian", Var, 4, ""},
{"Cc", Var, 0, ""},
{"Cf", Var, 0, ""},
@@ -17354,6 +17402,7 @@ var PackageSymbols = map[string][]Symbol{
{"Cham", Var, 0, ""},
{"Cherokee", Var, 0, ""},
{"Chorasmian", Var, 16, ""},
+ {"Cn", Var, 25, ""},
{"Co", Var, 0, ""},
{"Common", Var, 0, ""},
{"Coptic", Var, 0, ""},
@@ -17432,6 +17481,7 @@ var PackageSymbols = map[string][]Symbol{
{"Khojki", Var, 4, ""},
{"Khudawadi", Var, 4, ""},
{"L", Var, 0, ""},
+ {"LC", Var, 25, ""},
{"Lao", Var, 0, ""},
{"Latin", Var, 0, ""},
{"Lepcha", Var, 0, ""},
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 5051cac2cd..5905f7e2f2 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -211,7 +211,7 @@ github.com/distribution/reference
## explicit
github.com/docker/distribution/registry/api/errcode
github.com/docker/distribution/registry/api/v2
-# github.com/docker/docker v28.4.0+incompatible
+# github.com/docker/docker v28.5.1+incompatible
## explicit
github.com/docker/docker/api
github.com/docker/docker/api/types
@@ -245,7 +245,7 @@ github.com/docker/docker/pkg/namesgenerator
github.com/docker/docker/pkg/progress
github.com/docker/docker/pkg/stdcopy
github.com/docker/docker/pkg/streamformatter
-# github.com/docker/docker-credential-helpers v0.9.3
+# github.com/docker/docker-credential-helpers v0.9.4
## explicit; go 1.21
github.com/docker/docker-credential-helpers/client
github.com/docker/docker-credential-helpers/credentials
@@ -312,8 +312,8 @@ github.com/google/go-cmp/cmp/internal/diff
github.com/google/go-cmp/cmp/internal/flags
github.com/google/go-cmp/cmp/internal/function
github.com/google/go-cmp/cmp/internal/value
-# github.com/google/go-containerregistry v0.20.4-0.20250225234217-098045d5e61f
-## explicit; go 1.23.0
+# github.com/google/go-containerregistry v0.20.6
+## explicit; go 1.24
github.com/google/go-containerregistry/pkg/name
github.com/google/go-containerregistry/pkg/v1
github.com/google/go-containerregistry/pkg/v1/types
@@ -425,7 +425,7 @@ github.com/mdlayher/vsock
# github.com/miekg/pkcs11 v1.1.1
## explicit; go 1.12
github.com/miekg/pkcs11
-# github.com/mistifyio/go-zfs/v3 v3.0.1
+# github.com/mistifyio/go-zfs/v3 v3.1.0
## explicit; go 1.14
github.com/mistifyio/go-zfs/v3
# github.com/moby/buildkit v0.23.2
@@ -535,7 +535,7 @@ github.com/opencontainers/go-digest
## explicit; go 1.18
github.com/opencontainers/image-spec/specs-go
github.com/opencontainers/image-spec/specs-go/v1
-# github.com/opencontainers/runc v1.3.1
+# github.com/opencontainers/runc v1.3.2
## explicit; go 1.23.0
github.com/opencontainers/runc/libcontainer/apparmor
github.com/opencontainers/runc/libcontainer/devices
@@ -634,8 +634,8 @@ github.com/sigstore/sigstore/pkg/signature/payload
## explicit; go 1.13
github.com/sirupsen/logrus
github.com/sirupsen/logrus/hooks/syslog
-# github.com/skeema/knownhosts v1.3.1
-## explicit; go 1.22
+# github.com/skeema/knownhosts v1.3.2
+## explicit; go 1.24.0
github.com/skeema/knownhosts
# github.com/skratchdot/open-golang v0.0.0-20200116055534-eef842397966
## explicit
@@ -658,8 +658,8 @@ github.com/stefanberger/go-pkcs11uri
github.com/stretchr/testify/assert
github.com/stretchr/testify/assert/yaml
github.com/stretchr/testify/require
-# github.com/sylabs/sif/v2 v2.21.1
-## explicit; go 1.23.0
+# github.com/sylabs/sif/v2 v2.22.0
+## explicit; go 1.24.0
github.com/sylabs/sif/v2/pkg/sif
# github.com/tchap/go-patricia/v2 v2.3.3
## explicit; go 1.16
@@ -713,37 +713,36 @@ go.etcd.io/bbolt/internal/freelist
## explicit; go 1.22.0
go.opentelemetry.io/auto/sdk
go.opentelemetry.io/auto/sdk/internal/telemetry
-# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.60.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0
+## explicit; go 1.23.0
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/request
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconv
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp/internal/semconvutil
-# go.opentelemetry.io/otel v1.35.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/otel v1.36.0
+## explicit; go 1.23.0
go.opentelemetry.io/otel
go.opentelemetry.io/otel/attribute
+go.opentelemetry.io/otel/attribute/internal
go.opentelemetry.io/otel/baggage
go.opentelemetry.io/otel/codes
-go.opentelemetry.io/otel/internal
-go.opentelemetry.io/otel/internal/attribute
go.opentelemetry.io/otel/internal/baggage
go.opentelemetry.io/otel/internal/global
go.opentelemetry.io/otel/propagation
go.opentelemetry.io/otel/semconv/v1.20.0
go.opentelemetry.io/otel/semconv/v1.26.0
-# go.opentelemetry.io/otel/metric v1.35.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/otel/metric v1.36.0
+## explicit; go 1.23.0
go.opentelemetry.io/otel/metric
go.opentelemetry.io/otel/metric/embedded
go.opentelemetry.io/otel/metric/noop
-# go.opentelemetry.io/otel/trace v1.35.0
-## explicit; go 1.22.0
+# go.opentelemetry.io/otel/trace v1.36.0
+## explicit; go 1.23.0
go.opentelemetry.io/otel/trace
go.opentelemetry.io/otel/trace/embedded
go.opentelemetry.io/otel/trace/internal/telemetry
go.opentelemetry.io/otel/trace/noop
-# go.podman.io/common v0.65.1-0.20250925174758-4cf0ff781bfc
+# go.podman.io/common v0.65.1-0.20251016133615-aa970d2c7532
## explicit; go 1.24.2
go.podman.io/common/internal
go.podman.io/common/internal/attributedstring
@@ -780,6 +779,9 @@ go.podman.io/common/pkg/hooks
go.podman.io/common/pkg/hooks/0.1.0
go.podman.io/common/pkg/hooks/1.0.0
go.podman.io/common/pkg/hooks/exec
+go.podman.io/common/pkg/libartifact
+go.podman.io/common/pkg/libartifact/store
+go.podman.io/common/pkg/libartifact/types
go.podman.io/common/pkg/machine
go.podman.io/common/pkg/manifests
go.podman.io/common/pkg/netns
@@ -810,8 +812,8 @@ go.podman.io/common/pkg/umask
go.podman.io/common/pkg/util
go.podman.io/common/pkg/version
go.podman.io/common/version
-# go.podman.io/image/v5 v5.37.0
-## explicit; go 1.23.3
+# go.podman.io/image/v5 v5.37.1-0.20251016133615-aa970d2c7532
+## explicit; go 1.24.0
go.podman.io/image/v5/copy
go.podman.io/image/v5/directory
go.podman.io/image/v5/directory/explicitfilepath
@@ -883,11 +885,10 @@ go.podman.io/image/v5/transports
go.podman.io/image/v5/transports/alltransports
go.podman.io/image/v5/types
go.podman.io/image/v5/version
-# go.podman.io/storage v1.60.0
-## explicit; go 1.23.3
+# go.podman.io/storage v1.60.1-0.20251016133615-aa970d2c7532
+## explicit; go 1.24.0
go.podman.io/storage
go.podman.io/storage/drivers
-go.podman.io/storage/drivers/aufs
go.podman.io/storage/drivers/btrfs
go.podman.io/storage/drivers/copy
go.podman.io/storage/drivers/overlay
@@ -917,7 +918,6 @@ go.podman.io/storage/pkg/homedir
go.podman.io/storage/pkg/idmap
go.podman.io/storage/pkg/idtools
go.podman.io/storage/pkg/ioutils
-go.podman.io/storage/pkg/locker
go.podman.io/storage/pkg/lockfile
go.podman.io/storage/pkg/longpath
go.podman.io/storage/pkg/loopback
@@ -946,7 +946,7 @@ go.yaml.in/yaml/v2
# go.yaml.in/yaml/v3 v3.0.4
## explicit; go 1.16
go.yaml.in/yaml/v3
-# golang.org/x/crypto v0.42.0
+# golang.org/x/crypto v0.43.0
## explicit; go 1.24.0
golang.org/x/crypto/argon2
golang.org/x/crypto/blake2b
@@ -977,8 +977,8 @@ golang.org/x/crypto/ssh/internal/bcrypt_pbkdf
golang.org/x/crypto/ssh/knownhosts
golang.org/x/crypto/twofish
golang.org/x/crypto/xts
-# golang.org/x/mod v0.27.0
-## explicit; go 1.23.0
+# golang.org/x/mod v0.28.0
+## explicit; go 1.24.0
golang.org/x/mod/semver
# golang.org/x/net v0.45.0
## explicit; go 1.24.0
@@ -995,8 +995,8 @@ golang.org/x/net/internal/socks
golang.org/x/net/internal/timeseries
golang.org/x/net/proxy
golang.org/x/net/trace
-# golang.org/x/oauth2 v0.30.0
-## explicit; go 1.23.0
+# golang.org/x/oauth2 v0.32.0
+## explicit; go 1.24.0
golang.org/x/oauth2
golang.org/x/oauth2/internal
# golang.org/x/sync v0.17.0
@@ -1014,7 +1014,7 @@ golang.org/x/sys/windows/svc/eventlog
# golang.org/x/term v0.36.0
## explicit; go 1.24.0
golang.org/x/term
-# golang.org/x/text v0.29.0
+# golang.org/x/text v0.30.0
## explicit; go 1.24.0
golang.org/x/text/encoding
golang.org/x/text/encoding/charmap
@@ -1039,8 +1039,8 @@ golang.org/x/text/unicode/norm
# golang.org/x/time v0.11.0
## explicit; go 1.23.0
golang.org/x/time/rate
-# golang.org/x/tools v0.36.0
-## explicit; go 1.23.0
+# golang.org/x/tools v0.37.0
+## explicit; go 1.24.0
golang.org/x/tools/cover
golang.org/x/tools/go/ast/edge
golang.org/x/tools/go/ast/inspector