Update vendor containers/(common,image)

Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
2025-11-03 07:47:19 +08:00 · 2022-09-30 06:45:24 -04:00
parent d88acd83a1
commit fe3c91d581
70 changed files with 909 additions and 551 deletions
--- a/vendor/github.com/sylabs/sif/v2/pkg/sif/descriptor.go
+++ b/vendor/github.com/sylabs/sif/v2/pkg/sif/descriptor.go
@ -56,6 +56,11 @@ type cryptoMessage struct {
 	Messagetype MessageType
 }

+// sbom represents the SIF SBOM data object descriptor.
+type sbom struct {
+	Format SBOMFormat
+}
+
 var errNameTooLarge = errors.New("name value too large")

 // setName encodes name into the name field of d.
@ -230,6 +235,22 @@ func (d Descriptor) CryptoMessageMetadata() (FormatType, MessageType, error) {
 	return m.Formattype, m.Messagetype, nil
 }

+// SBOMMetadata gets metadata for a SBOM data object.
+func (d Descriptor) SBOMMetadata() (SBOMFormat, error) {
+	if got, want := d.raw.DataType, DataSBOM; got != want {
+		return 0, &unexpectedDataTypeError{got, []DataType{want}}
+	}
+
+	var s sbom
+
+	b := bytes.NewReader(d.raw.Extra[:])
+	if err := binary.Read(b, binary.LittleEndian, &s); err != nil {
+		return 0, fmt.Errorf("%w", err)
+	}
+
+	return s.Format, nil
+}
+
 // GetData returns the data object associated with descriptor d.
 func (d Descriptor) GetData() ([]byte, error) {
 	b := make([]byte, d.raw.Size)
--- a/vendor/github.com/sylabs/sif/v2/pkg/sif/descriptor_input.go
+++ b/vendor/github.com/sylabs/sif/v2/pkg/sif/descriptor_input.go
@ -226,6 +226,24 @@ func OptSignatureMetadata(ht crypto.Hash, fp []byte) DescriptorInputOpt {
 	}
 }

+// OptSBOMMetadata sets metadata for a SBOM data object. The SBOM format is set to f.
+//
+// If this option is applied to a data object with an incompatible type, an error is returned.
+func OptSBOMMetadata(f SBOMFormat) DescriptorInputOpt {
+	return func(t DataType, opts *descriptorOpts) error {
+		if got, want := t, DataSBOM; got != want {
+			return &unexpectedDataTypeError{got, []DataType{want}}
+		}
+
+		s := sbom{
+			Format: f,
+		}
+
+		opts.extra = s
+		return nil
+	}
+}
+
 // DescriptorInput describes a new data object.
 type DescriptorInput struct {
 	dt   DataType
@ -241,7 +259,7 @@ const DefaultObjectGroup = 1
 //
 // It is possible (and often necessary) to store additional metadata related to certain types of
 // data objects. Consider supplying options such as OptCryptoMessageMetadata, OptPartitionMetadata,
-// and OptSignatureMetadata for this purpose.
+// OptSignatureMetadata, and OptSBOMMetadata for this purpose.
 //
 // By default, the data object will be placed in the default data object group (1). To override
 // this behavior, use OptNoGroup or OptGroupID. To link this data object, use OptLinkedID or
--- a/vendor/github.com/sylabs/sif/v2/pkg/sif/sif.go
+++ b/vendor/github.com/sylabs/sif/v2/pkg/sif/sif.go
@ -132,6 +132,7 @@ const (
 	DataGenericJSON                            // generic JSON meta-data
 	DataGeneric                                // generic / raw data
 	DataCryptoMessage                          // cryptographic message data object
+	DataSBOM                                   // software bill of materials
 )

 // String returns a human-readable representation of t.
@ -153,6 +154,8 @@ func (t DataType) String() string {
 		return "Generic/Raw"
 	case DataCryptoMessage:
 		return "Cryptographic Message"
+	case DataSBOM:
+		return "SBOM"
 	}
 	return "Unknown"
 }
@ -267,6 +270,44 @@ func (t MessageType) String() string {
 	return "Unknown"
 }

+// SBOMFormat represents the format used to store an SBOM object.
+type SBOMFormat int32
+
+// List of supported SBOM formats.
+const (
+	SBOMFormatCycloneDXJSON SBOMFormat = iota + 1 // CycloneDX (JSON)
+	SBOMFormatCycloneDXXML                        // CycloneDX (XML)
+	SBOMFormatGitHubJSON                          // GitHub dependency snapshot (JSON)
+	SBOMFormatSPDXJSON                            // SPDX (JSON)
+	SBOMFormatSPDXRDF                             // SPDX (RDF/xml)
+	SBOMFormatSPDXTagValue                        // SPDX (tag/value)
+	SBOMFormatSPDXYAML                            // SPDX (YAML)
+	SBOMFormatSyftJSON                            // Syft (JSON)
+)
+
+// String returns a human-readable representation of f.
+func (f SBOMFormat) String() string {
+	switch f {
+	case SBOMFormatCycloneDXJSON:
+		return "cyclonedx-json"
+	case SBOMFormatCycloneDXXML:
+		return "cyclonedx-xml"
+	case SBOMFormatGitHubJSON:
+		return "github-json"
+	case SBOMFormatSPDXJSON:
+		return "spdx-json"
+	case SBOMFormatSPDXRDF:
+		return "spdx-rdf"
+	case SBOMFormatSPDXTagValue:
+		return "spdx-tag-value"
+	case SBOMFormatSPDXYAML:
+		return "spdx-yaml"
+	case SBOMFormatSyftJSON:
+		return "syft-json"
+	}
+	return "unknown"
+}
+
 // header describes a loaded SIF file.
 type header struct {
 	LaunchScript [hdrLaunchLen]byte