From 51bb71d1b3bfd4ac92ab55c22f44f6adf62375af Mon Sep 17 00:00:00 2001 From: flouthoc Date: Tue, 1 Apr 2025 09:58:40 -0700 Subject: [PATCH 1/2] vendor: bump c/common to 9b0d134f392 Bump common to 9b0d134f392f41de3f3065aad162e73a3904168e Signed-off-by: flouthoc --- go.mod | 8 +- go.sum | 22 +++--- pkg/libartifact/store/store.go | 4 +- .../containers/common/libimage/copier.go | 7 +- .../containers/common/libimage/image.go | 4 +- .../containers/common/libimage/load.go | 2 +- .../containers/common/libimage/normalize.go | 2 +- .../containers/common/libimage/search.go | 2 +- .../common/libnetwork/cni/network.go | 2 +- .../common/libnetwork/internal/util/bridge.go | 2 +- .../common/libnetwork/internal/util/create.go | 2 +- .../common/libnetwork/netavark/config.go | 5 +- .../common/libnetwork/netavark/network.go | 2 +- .../libnetwork/slirp4netns/slirp4netns.go | 2 +- .../common/libnetwork/types/define.go | 6 +- .../containers/common/pkg/auth/auth.go | 4 +- .../common/pkg/cgroups/utils_linux.go | 4 +- .../containers/common/pkg/parse/parse_unix.go | 2 +- .../containers/common/pkg/retry/retry.go | 11 ++- .../containers/common/pkg/secrets/secrets.go | 2 +- .../common/pkg/subscriptions/subscriptions.go | 14 ++-- .../common/pkg/timetype/timestamp.go | 5 +- .../common/pkg/timezone/timezone.go | 6 +- .../containers/image/v5/docker/body_reader.go | 10 +-- .../image/v5/internal/manifest/oci_index.go | 10 +-- .../image/v5/openshift/openshift-copies.go | 2 +- .../v5/pkg/sysregistriesv2/shortnames.go | 2 +- .../github.com/containers/storage/.cirrus.yml | 2 +- .../containers/storage/.golangci.yml | 20 +++-- vendor/github.com/containers/storage/Makefile | 2 +- .../containers/storage/drivers/aufs/aufs.go | 4 +- .../storage/drivers/copy/copy_linux.go | 4 +- .../storage/drivers/copy/copy_unsupported.go | 4 +- .../containers/storage/drivers/driver.go | 4 +- .../storage/drivers/overlay/composefs.go | 4 +- .../storage/drivers/overlay/overlay.go | 41 ++++++---- .../storage/internal/dedup/dedup.go | 6 +- .../storage/internal/dedup/dedup_linux.go | 2 +- .../internal/dedup/dedup_unsupported.go | 8 +- .../containers/storage/pkg/archive/archive.go | 4 +- .../containers/storage/pkg/archive/changes.go | 2 +- .../storage/pkg/archive/changes_linux.go | 9 +-- .../containers/storage/pkg/archive/diff.go | 2 +- .../storage/pkg/chunked/compression_linux.go | 4 +- .../pkg/chunked/compressor/compressor.go | 5 +- .../storage/pkg/chunked/storage_linux.go | 12 +-- .../storage/pkg/idmap/idmapped_utils.go | 2 +- .../containers/storage/pkg/idtools/idtools.go | 18 ++--- .../storage/pkg/idtools/idtools_supported.go | 4 +- .../storage/pkg/ioutils/bytespipe.go | 5 +- .../storage/pkg/loopback/attach_loopback.go | 4 +- .../storage/pkg/unshare/unshare_linux.go | 12 +-- vendor/github.com/containers/storage/store.go | 2 +- .../containers/storage/types/options.go | 2 +- .../containers/storage/types/utils.go | 4 +- .../github.com/containers/storage/userns.go | 5 +- vendor/golang.org/x/exp/LICENSE | 27 ------- vendor/golang.org/x/exp/PATENTS | 22 ------ vendor/golang.org/x/exp/maps/maps.go | 76 ------------------- vendor/modules.txt | 13 ++-- 60 files changed, 178 insertions(+), 301 deletions(-) delete mode 100644 vendor/golang.org/x/exp/LICENSE delete mode 100644 vendor/golang.org/x/exp/PATENTS delete mode 100644 vendor/golang.org/x/exp/maps/maps.go diff --git a/go.mod b/go.mod index 4314ad4c0c..c25089c8e6 100644 --- a/go.mod +++ b/go.mod @@ -13,14 +13,14 @@ require ( github.com/checkpoint-restore/go-criu/v7 v7.2.0 github.com/containernetworking/plugins v1.6.2 github.com/containers/buildah v1.39.1-0.20250324153001-6d9381d08265 - github.com/containers/common v0.62.3-0.20250326101258-442957aa798d + github.com/containers/common v0.62.4-0.20250401165412-9b0d134f392f github.com/containers/conmon v2.0.20+incompatible github.com/containers/gvisor-tap-vsock v0.8.5 - github.com/containers/image/v5 v5.34.3-0.20250326191717-cb71b8dc79cc + github.com/containers/image/v5 v5.34.4-0.20250327193514-d3b241257363 github.com/containers/libhvee v0.10.0 github.com/containers/ocicrypt v1.2.1 github.com/containers/psgo v1.9.0 - github.com/containers/storage v1.57.3-0.20250325222852-4d1ae4a7983d + github.com/containers/storage v1.57.3-0.20250331162343-3fc5c230951d github.com/containers/winquit v1.1.0 github.com/coreos/go-systemd/v22 v22.5.1-0.20231103132048-7d375ecc2b09 github.com/crc-org/vfkit v0.6.0 @@ -128,7 +128,7 @@ require ( github.com/go-openapi/validate v0.24.0 // indirect github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect - github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect + github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 // indirect github.com/golang/protobuf v1.5.4 // indirect github.com/google/go-cmp v0.7.0 // indirect github.com/google/go-containerregistry v0.20.3 // indirect diff --git a/go.sum b/go.sum index 6723d5dc30..d31d82d5f0 100644 --- a/go.sum +++ b/go.sum @@ -68,14 +68,14 @@ github.com/containernetworking/plugins v1.6.2 h1:pqP8Mq923TLyef5g97XfJ/xpDeVek4y github.com/containernetworking/plugins v1.6.2/go.mod h1:SP5UG3jDO9LtmfbBJdP+nl3A1atOtbj2MBOYsnaxy64= github.com/containers/buildah v1.39.1-0.20250324153001-6d9381d08265 h1:3cFRoMP4Up4sN/f2TOcCKSxiX/mbHCN5FwqHc+rw2B8= github.com/containers/buildah v1.39.1-0.20250324153001-6d9381d08265/go.mod h1:8DuzWORynpU4q7coSL0aElpPVMDZFoCOnz9gzqU8Ics= -github.com/containers/common v0.62.3-0.20250326101258-442957aa798d h1:xvajXgoMD3wfumCQqI3h+950b5areKa8BEBE2SAmZCA= -github.com/containers/common v0.62.3-0.20250326101258-442957aa798d/go.mod h1:jEHYmXVWsev+dizV4Oh2mZrPFAEzlVeUj/zrCx1jse0= +github.com/containers/common v0.62.4-0.20250401165412-9b0d134f392f h1:gpfCIBHhMAzJGEPjCrCAS18Pop+RgQSK38Grre/+gqQ= +github.com/containers/common v0.62.4-0.20250401165412-9b0d134f392f/go.mod h1:B6J/JCUcc9vgeoBFFzL5QGszpa7SoVK+mAyUNXSWI6s= github.com/containers/conmon v2.0.20+incompatible h1:YbCVSFSCqFjjVwHTPINGdMX1F6JXHGTUje2ZYobNrkg= github.com/containers/conmon v2.0.20+incompatible/go.mod h1:hgwZ2mtuDrppv78a/cOBNiCm6O0UMWGx1mu7P00nu5I= github.com/containers/gvisor-tap-vsock v0.8.5 h1:s7PA8znsZ4mamev5nNLsQqduYSlz1Ze5TWjfXnAfpEs= github.com/containers/gvisor-tap-vsock v0.8.5/go.mod h1:A2e733OAwqSmHtWXF1WRbDZcqaZgskR5F0qk1daSz/k= -github.com/containers/image/v5 v5.34.3-0.20250326191717-cb71b8dc79cc h1:+lUWWv5Vpi1IqqhDFMZGrXyhj8esbbp/7HDXp5U2LLs= -github.com/containers/image/v5 v5.34.3-0.20250326191717-cb71b8dc79cc/go.mod h1:o2DKsFd0Al8ASGTG+rgeEtHHJoOx3oLlKsOF4MT/3Fw= +github.com/containers/image/v5 v5.34.4-0.20250327193514-d3b241257363 h1:OIRd5FlASb4JdqF5Y2MAQFrllCGgsst5NKXQ3VVaXVg= +github.com/containers/image/v5 v5.34.4-0.20250327193514-d3b241257363/go.mod h1:Ut/4iK7fJNRemEz/Jjq5VZ4+/p443PtwgN9uo/ZSKhA= github.com/containers/libhvee v0.10.0 h1:7VLv8keWZpHuGmWvyY4c1mVH5V1JYb1G78VC+8AlrM0= github.com/containers/libhvee v0.10.0/go.mod h1:at0h8lRcK5jCKfQgU/e6Io0Mw12F36zRLjXVOXRoDTM= github.com/containers/libtrust v0.0.0-20230121012942-c1716e8a8d01 h1:Qzk5C6cYglewc+UyGf6lc8Mj2UaPTHy/iF2De0/77CA= @@ -86,8 +86,8 @@ github.com/containers/ocicrypt v1.2.1 h1:0qIOTT9DoYwcKmxSt8QJt+VzMY18onl9jUXsxpV github.com/containers/ocicrypt v1.2.1/go.mod h1:aD0AAqfMp0MtwqWgHM1bUwe1anx0VazI108CRrSKINQ= github.com/containers/psgo v1.9.0 h1:eJ74jzSaCHnWt26OlKZROSyUyRcGDf+gYBdXnxrMW4g= github.com/containers/psgo v1.9.0/go.mod h1:0YoluUm43Mz2UnBIh1P+6V6NWcbpTL5uRtXyOcH0B5A= -github.com/containers/storage v1.57.3-0.20250325222852-4d1ae4a7983d h1:fSr4oA7haKOptg2NaPkow6yfn0YlhUgechjsofRMkDI= -github.com/containers/storage v1.57.3-0.20250325222852-4d1ae4a7983d/go.mod h1:9/SUJfBaxCWnQv9C2RsQfiG7hU1ryHk5ToIV5N29zYY= +github.com/containers/storage v1.57.3-0.20250331162343-3fc5c230951d h1:gy59ytUXiAjkhLkGu2hL1Pz9omxBce82WO9vh5/atc0= +github.com/containers/storage v1.57.3-0.20250331162343-3fc5c230951d/go.mod h1:os3k+GIT85wGA9J5Es/adfAJM3aegmcXC4n1bvSsqn0= github.com/containers/winquit v1.1.0 h1:jArun04BNDQvt2W0Y78kh9TazN2EIEMG5Im6/JY7+pE= github.com/containers/winquit v1.1.0/go.mod h1:PsPeZlnbkmGGIToMPHF1zhWjBUkd8aHjMOr/vFcPxw8= github.com/coreos/go-oidc/v3 v3.12.0 h1:sJk+8G2qq94rDI6ehZ71Bol3oUHy63qNYmkiSjrc/Jo= @@ -117,8 +117,8 @@ github.com/disiqueira/gotree/v3 v3.0.2 h1:ik5iuLQQoufZBNPY518dXhiO5056hyNBIK9lWh github.com/disiqueira/gotree/v3 v3.0.2/go.mod h1:ZuyjE4+mUQZlbpkI24AmruZKhg3VHEgPLDY8Qk+uUu8= github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk= github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E= -github.com/docker/cli v28.0.2+incompatible h1:cRPZ77FK3/IXTAIQQj1vmhlxiLS5m+MIUDwS6f57lrE= -github.com/docker/cli v28.0.2+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= +github.com/docker/cli v28.0.4+incompatible h1:pBJSJeNd9QeIWPjRcV91RVJihd/TXB77q1ef64XEu4A= +github.com/docker/cli v28.0.4+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8= github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk= github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w= github.com/docker/docker v28.0.4+incompatible h1:JNNkBctYKurkw6FrHfKqY0nKIDf5nrbxjVBtS+cdcok= @@ -193,8 +193,8 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q= github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE= -github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc= +github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 h1:f+oWsMOmNPc8JmEHVZIycC7hBoQxHH9pNKQORJNozsQ= +github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8/go.mod h1:wcDNUvekVysuuOpQKo3191zZyTpiI6se1N1ULghS0sw= github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= @@ -703,8 +703,6 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo= -gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw= gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q= gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA= honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4= diff --git a/pkg/libartifact/store/store.go b/pkg/libartifact/store/store.go index 904912c96d..46867c9d33 100644 --- a/pkg/libartifact/store/store.go +++ b/pkg/libartifact/store/store.go @@ -133,7 +133,7 @@ func (as ArtifactStore) Pull(ctx context.Context, name string, opts libimage.Cop if err != nil { return err } - copyer, err := libimage.NewCopier(&opts, as.SystemContext, nil) + copyer, err := libimage.NewCopier(&opts, as.SystemContext) if err != nil { return err } @@ -157,7 +157,7 @@ func (as ArtifactStore) Push(ctx context.Context, src, dest string, opts libimag if err != nil { return err } - copyer, err := libimage.NewCopier(&opts, as.SystemContext, nil) + copyer, err := libimage.NewCopier(&opts, as.SystemContext) if err != nil { return err } diff --git a/vendor/github.com/containers/common/libimage/copier.go b/vendor/github.com/containers/common/libimage/copier.go index 5a15c28288..7431c4624f 100644 --- a/vendor/github.com/containers/common/libimage/copier.go +++ b/vendor/github.com/containers/common/libimage/copier.go @@ -178,7 +178,7 @@ type Copier struct { // Note that fields in options *may* overwrite the counterparts of // the specified system context. Please make sure to call `(*Copier).Close()`. func (r *Runtime) newCopier(options *CopyOptions) (*Copier, error) { - return NewCopier(options, r.SystemContext(), nil) + return NewCopier(options, r.SystemContext()) } // storageAllowedPolicyScopes overrides the policy for local storage @@ -225,7 +225,7 @@ func getDockerAuthConfig(name, passwd, creds, idToken string) (*types.DockerAuth // NewCopier creates a Copier based on a provided system context. // Note that fields in options *may* overwrite the counterparts of // the specified system context. Please make sure to call `(*Copier).Close()`. -func NewCopier(options *CopyOptions, sc *types.SystemContext, reportResolvedReference *types.ImageReference) (*Copier, error) { +func NewCopier(options *CopyOptions, sc *types.SystemContext) (*Copier, error) { c := Copier{extendTimeoutSocket: options.extendTimeoutSocket} sysContextCopy := *sc c.systemContext = &sysContextCopy @@ -332,7 +332,6 @@ func NewCopier(options *CopyOptions, sc *types.SystemContext, reportResolvedRefe c.imageCopyOptions.SignBySigstorePrivateKeyFile = options.SignBySigstorePrivateKeyFile c.imageCopyOptions.SignSigstorePrivateKeyPassphrase = options.SignSigstorePrivateKeyPassphrase c.imageCopyOptions.ReportWriter = options.Writer - c.imageCopyOptions.ReportResolvedReference = reportResolvedReference defaultContainerConfig, err := config.Default() if err != nil { @@ -489,7 +488,7 @@ func (c *Copier) copyToStorage(ctx context.Context, source, destination types.Im var resolvedReference types.ImageReference _, err := c.copyInternal(ctx, source, destination, &resolvedReference) if err != nil { - return nil, fmt.Errorf("internal error: unable to copy from source %s: %w", source, err) + return nil, fmt.Errorf("internal error: unable to copy from source %s: %w", transports.ImageName(source), err) } if resolvedReference == nil { return nil, fmt.Errorf("internal error: After attempting to copy %s, resolvedReference is nil", source) diff --git a/vendor/github.com/containers/common/libimage/image.go b/vendor/github.com/containers/common/libimage/image.go index 91e694c16e..8f300e8399 100644 --- a/vendor/github.com/containers/common/libimage/image.go +++ b/vendor/github.com/containers/common/libimage/image.go @@ -463,13 +463,13 @@ func (i *Image) removeRecursive(ctx context.Context, rmMap map[string]*RemoveIma skipRemove := false numNames := len(i.Names()) - // NOTE: the `numNames == 1` check is not only a performance + // NOTE: the `numNames != 1` check is not only a performance // optimization but also preserves existing Podman/Docker behaviour. // If image "foo" is used by a container and has only this tag/name, // an `rmi foo` will not untag "foo" but instead attempt to remove the // entire image. If there's a container using "foo", we should get an // error. - if !(referencedBy == "" || numNames == 1) { + if referencedBy != "" && numNames != 1 { byID := strings.HasPrefix(i.ID(), referencedBy) byDigest := strings.HasPrefix(referencedBy, "sha256:") if !options.Force { diff --git a/vendor/github.com/containers/common/libimage/load.go b/vendor/github.com/containers/common/libimage/load.go index 48f255e8b1..2f69fd639b 100644 --- a/vendor/github.com/containers/common/libimage/load.go +++ b/vendor/github.com/containers/common/libimage/load.go @@ -115,7 +115,7 @@ func (r *Runtime) Load(ctx context.Context, path string, options *LoadOptions) ( // Give a decent error message if nothing above worked. // we want the colon here for the multiline error - //nolint:revive + //nolint:revive,staticcheck loadError := errors.New("payload does not match any of the supported image formats:") for _, err := range loadErrors { loadError = fmt.Errorf("%v\n * %v", loadError, err) diff --git a/vendor/github.com/containers/common/libimage/normalize.go b/vendor/github.com/containers/common/libimage/normalize.go index b00af66a01..1dab82fe27 100644 --- a/vendor/github.com/containers/common/libimage/normalize.go +++ b/vendor/github.com/containers/common/libimage/normalize.go @@ -30,7 +30,7 @@ func NormalizeName(name string) (reference.Named, error) { // Enforce "localhost" if needed. registry := reference.Domain(named) - if !(strings.ContainsAny(registry, ".:") || registry == "localhost") { + if !strings.ContainsAny(registry, ".:") && registry != "localhost" { name = toLocalImageName(ref.String()) } diff --git a/vendor/github.com/containers/common/libimage/search.go b/vendor/github.com/containers/common/libimage/search.go index 6ab016b3b5..2745b52bb3 100644 --- a/vendor/github.com/containers/common/libimage/search.go +++ b/vendor/github.com/containers/common/libimage/search.go @@ -217,7 +217,7 @@ func (r *Runtime) searchImageInRegistry(ctx context.Context, term, registry stri paramsArr := []SearchResult{} for i := range limit { // Check whether query matches filters - if !(filterMatchesAutomatedFilter(&options.Filter, results[i]) && filterMatchesOfficialFilter(&options.Filter, results[i]) && filterMatchesStarFilter(&options.Filter, results[i])) { + if !filterMatchesAutomatedFilter(&options.Filter, results[i]) || !filterMatchesOfficialFilter(&options.Filter, results[i]) || !filterMatchesStarFilter(&options.Filter, results[i]) { continue } official := "" diff --git a/vendor/github.com/containers/common/libnetwork/cni/network.go b/vendor/github.com/containers/common/libnetwork/cni/network.go index 7e001fab0e..ab3a05b555 100644 --- a/vendor/github.com/containers/common/libnetwork/cni/network.go +++ b/vendor/github.com/containers/common/libnetwork/cni/network.go @@ -191,7 +191,7 @@ func (n *cniNetwork) loadNetworks() error { } if !types.NameRegex.MatchString(conf.Name) { - logrus.Warnf("CNI config list %s has invalid name, skipping: %v", file, types.RegexError) + logrus.Warnf("CNI config list %s has invalid name, skipping: %v", file, types.ErrInvalidName) continue } diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go index 44cd555c17..e69c388290 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/bridge.go @@ -19,7 +19,7 @@ func CreateBridge(n NetUtil, network *types.Network, usedNetworks []*net.IPNet, } } if !types.NameRegex.MatchString(network.NetworkInterface) { - return fmt.Errorf("bridge name %s invalid: %w", network.NetworkInterface, types.RegexError) + return fmt.Errorf("bridge name %s invalid: %w", network.NetworkInterface, types.ErrInvalidName) } } else { var err error diff --git a/vendor/github.com/containers/common/libnetwork/internal/util/create.go b/vendor/github.com/containers/common/libnetwork/internal/util/create.go index 376a57315b..42609d1ba7 100644 --- a/vendor/github.com/containers/common/libnetwork/internal/util/create.go +++ b/vendor/github.com/containers/common/libnetwork/internal/util/create.go @@ -23,7 +23,7 @@ func CommonNetworkCreate(n NetUtil, network *types.Network) error { // validate the name when given if network.Name != "" { if !types.NameRegex.MatchString(network.Name) { - return fmt.Errorf("network name %s invalid: %w", network.Name, types.RegexError) + return fmt.Errorf("network name %s invalid: %w", network.Name, types.ErrInvalidName) } if _, err := n.Network(network.Name); err == nil { return fmt.Errorf("network name %s already used: %w", network.Name, types.ErrNetworkExists) diff --git a/vendor/github.com/containers/common/libnetwork/netavark/config.go b/vendor/github.com/containers/common/libnetwork/netavark/config.go index 4916f725e1..6c17bd0a19 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/config.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/config.go @@ -294,10 +294,7 @@ func createIpvlanOrMacvlan(network *types.Network) error { } driver := network.Driver - isMacVlan := true - if driver == types.IPVLANNetworkDriver { - isMacVlan = false - } + isMacVlan := driver != types.IPVLANNetworkDriver // always turn dns off with macvlan, it is not implemented in netavark // and makes little sense to support with macvlan diff --git a/vendor/github.com/containers/common/libnetwork/netavark/network.go b/vendor/github.com/containers/common/libnetwork/netavark/network.go index 985d0db2dd..cf8b0d490e 100644 --- a/vendor/github.com/containers/common/libnetwork/netavark/network.go +++ b/vendor/github.com/containers/common/libnetwork/netavark/network.go @@ -248,7 +248,7 @@ func (n *netavarkNetwork) loadNetworks() error { } if !types.NameRegex.MatchString(network.Name) { - logrus.Warnf("Network config %q has invalid name: %q, skipping: %v", path, network.Name, types.RegexError) + logrus.Warnf("Network config %q has invalid name: %q, skipping: %v", path, network.Name, types.ErrInvalidName) continue } diff --git a/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go b/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go index 524cabc42a..afb54f60d6 100644 --- a/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go +++ b/vendor/github.com/containers/common/libnetwork/slirp4netns/slirp4netns.go @@ -682,7 +682,7 @@ func openSlirp4netnsPort(apiSocket, proto, hostip string, hostport, guestport ui if err != nil { return fmt.Errorf("cannot marshal JSON for slirp4netns: %w", err) } - if _, err := conn.Write([]byte(fmt.Sprintf("%s\n", data))); err != nil { + if _, err := fmt.Fprintf(conn, "%s\n", data); err != nil { return fmt.Errorf("cannot write to control socket %s: %w", apiSocket, err) } //nolint:errcheck // This cast should never fail, if it does we get a interface diff --git a/vendor/github.com/containers/common/libnetwork/types/define.go b/vendor/github.com/containers/common/libnetwork/types/define.go index 0bc688103e..e5929c3e87 100644 --- a/vendor/github.com/containers/common/libnetwork/types/define.go +++ b/vendor/github.com/containers/common/libnetwork/types/define.go @@ -24,8 +24,10 @@ var ( // NameRegex is a regular expression to validate names. // This must NOT be changed. NameRegex = regexp.Delayed("^[a-zA-Z0-9][a-zA-Z0-9_.-]*$") - // RegexError is thrown in presence of an invalid name. - RegexError = fmt.Errorf("names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*: %w", ErrInvalidArg) // nolint:revive // This lint is new and we do not want to break the API. + // ErrInvalidName is thrown in presence of an invalid name. + ErrInvalidName = fmt.Errorf("names must match [a-zA-Z0-9][a-zA-Z0-9_.-]*: %w", ErrInvalidArg) + // Deprecated: use [ErrInvalidName] instead. + RegexError = ErrInvalidName // NotHexRegex is a regular expression to check if a string is // a hexadecimal string. diff --git a/vendor/github.com/containers/common/pkg/auth/auth.go b/vendor/github.com/containers/common/pkg/auth/auth.go index a3d333a99a..4bcd490db3 100644 --- a/vendor/github.com/containers/common/pkg/auth/auth.go +++ b/vendor/github.com/containers/common/pkg/auth/auth.go @@ -173,10 +173,10 @@ func Login(ctx context.Context, systemContext *types.SystemContext, opts *LoginO if opts.StdinPassword { var stdinPasswordStrBuilder strings.Builder if opts.Password != "" { - return errors.New("Can't specify both --password-stdin and --password") + return errors.New("can't specify both --password-stdin and --password") } if opts.Username == "" { - return errors.New("Must provide --username with --password-stdin") + return errors.New("must provide --username with --password-stdin") } scanner := bufio.NewScanner(opts.Stdin) for scanner.Scan() { diff --git a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go index 848a59d236..505ac1b29f 100644 --- a/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go +++ b/vendor/github.com/containers/common/pkg/cgroups/utils_linux.go @@ -221,7 +221,7 @@ func MoveUnderCgroup(cgroup, subtree string, processes []uint32) error { } // root cgroup, skip it - if parts[2] == "/" && !(unifiedMode && parts[1] == "") { + if parts[2] == "/" && (!unifiedMode || parts[1] != "") { continue } @@ -261,7 +261,7 @@ func MoveUnderCgroup(cgroup, subtree string, processes []uint32) error { if len(processes) > 0 { for _, pid := range processes { - if _, err := f.WriteString(fmt.Sprintf("%d\n", pid)); err != nil { + if _, err := fmt.Fprintf(f, "%d\n", pid); err != nil { logrus.Debugf("Cannot move process %d to cgroup %q: %v", pid, newCgroup, err) } } diff --git a/vendor/github.com/containers/common/pkg/parse/parse_unix.go b/vendor/github.com/containers/common/pkg/parse/parse_unix.go index 86563b3eb6..3e4e1d140d 100644 --- a/vendor/github.com/containers/common/pkg/parse/parse_unix.go +++ b/vendor/github.com/containers/common/pkg/parse/parse_unix.go @@ -17,7 +17,7 @@ func DeviceFromPath(device string) ([]devices.Device, error) { return nil, err } if unshare.IsRootless() && src != dst { - return nil, fmt.Errorf("Renaming device %s to %s is not supported in rootless containers", src, dst) + return nil, fmt.Errorf("renaming device %s to %s is not supported in rootless containers", src, dst) } srcInfo, err := os.Stat(src) if err != nil { diff --git a/vendor/github.com/containers/common/pkg/retry/retry.go b/vendor/github.com/containers/common/pkg/retry/retry.go index d47e47e101..f4c6b135c2 100644 --- a/vendor/github.com/containers/common/pkg/retry/retry.go +++ b/vendor/github.com/containers/common/pkg/retry/retry.go @@ -5,10 +5,12 @@ import ( "io" "math" "net" + "net/http" "net/url" "syscall" "time" + "github.com/containers/image/v5/docker" "github.com/docker/distribution/registry/api/errcode" errcodev2 "github.com/docker/distribution/registry/api/v2" "github.com/hashicorp/go-multierror" @@ -47,7 +49,7 @@ func IfNecessary(ctx context.Context, operation func() error, options *Options) logrus.Warnf("Failed, retrying in %s ... (%d/%d). Error: %v", delay, attempt+1, options.MaxRetry, err) select { case <-time.After(delay): - break + // Do nothing. case <-ctx.Done(): return err } @@ -81,6 +83,13 @@ func IsErrorRetryable(err error) bool { return false } return true + case docker.UnexpectedHTTPStatusError: + // Retry on 502, 502 and 503 http server errors, they appear to be quite common in the field. + // https://github.com/containers/common/issues/2299 + if e.StatusCode >= http.StatusBadGateway && e.StatusCode <= http.StatusGatewayTimeout { + return true + } + return false case *net.OpError: return IsErrorRetryable(e.Err) case *url.Error: // This includes errors returned by the net/http client. diff --git a/vendor/github.com/containers/common/pkg/secrets/secrets.go b/vendor/github.com/containers/common/pkg/secrets/secrets.go index 113c6c43b3..7d8d33a114 100644 --- a/vendor/github.com/containers/common/pkg/secrets/secrets.go +++ b/vendor/github.com/containers/common/pkg/secrets/secrets.go @@ -166,7 +166,7 @@ func (s *SecretsManager) Store(name string, data []byte, driverType string, opti return "", err } - if !(len(data) > 0 && len(data) < maxSecretSize) { + if len(data) == 0 || len(data) >= maxSecretSize { return "", errDataSize } var secr *Secret diff --git a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go index 2c78cf1e65..202eb6d3c5 100644 --- a/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go +++ b/vendor/github.com/containers/common/pkg/subscriptions/subscriptions.go @@ -322,7 +322,7 @@ func addSubscriptionsFromMountsFile(filePath, mountLabel, containerRunDir string func containerHasEtcSystemFips(subscriptionsDir, mountPoint string) (bool, error) { containerEtc, err := securejoin.SecureJoin(mountPoint, "etc") if err != nil { - return false, fmt.Errorf("Container /etc resolution error: %w", err) + return false, fmt.Errorf("container /etc resolution error: %w", err) } if fileutils.Lexists(filepath.Join(containerEtc, "system-fips")) != nil { logrus.Debug("/etc/system-fips does not exist in the container, not creating /run/secrets/system-fips") @@ -331,7 +331,7 @@ func containerHasEtcSystemFips(subscriptionsDir, mountPoint string) (bool, error fipsFileTarget, err := securejoin.SecureJoin(mountPoint, "etc/system-fips") if err != nil { - return false, fmt.Errorf("Container /etc/system-fips resolution error: %w", err) + return false, fmt.Errorf("container /etc/system-fips resolution error: %w", err) } if fipsFileTarget != filepath.Join(mountPoint, subscriptionsDir, "system-fips") { logrus.Warnf("/etc/system-fips exists in the container, but is not a symlink to %[1]v/system-fips; not creating %[1]v/system-fips", subscriptionsDir) @@ -448,24 +448,24 @@ func addFIPSMounts(mounts *[]rspec.Mount, containerRunDir, mountPoint, mountLabe destPolicyConfig := "/etc/crypto-policies/config" srcPolicyConfigOnHost, err := securejoin.SecureJoin(mountPoint, srcPolicyConfig) if err != nil { - return fmt.Errorf("Could not expand %q in container: %w", srcPolicyConfig, err) + return fmt.Errorf("could not expand %q in container: %w", srcPolicyConfig, err) } if err = fileutils.Exists(srcPolicyConfigOnHost); err != nil { if !errors.Is(err, os.ErrNotExist) { - return fmt.Errorf("Could not check whether %q exists in container: %w", srcPolicyConfig, err) + return fmt.Errorf("could not check whether %q exists in container: %w", srcPolicyConfig, err) } // /usr/share/crypto-policies/default-fips-config does not exist, let's create it ourselves cryptoPoliciesConfigFile := filepath.Join(containerRunDir, "fips-config") if err := os.WriteFile(cryptoPoliciesConfigFile, []byte("FIPS\n"), 0o644); err != nil { - return fmt.Errorf("Failed to write fips config file in container for FIPS mode: %w", err) + return fmt.Errorf("failed to write fips config file in container for FIPS mode: %w", err) } if err = label.Relabel(cryptoPoliciesConfigFile, mountLabel, false); err != nil { - return fmt.Errorf("Failed to apply correct labels on fips config file: %w", err) + return fmt.Errorf("failed to apply correct labels on fips config file: %w", err) } if err := os.Chown(cryptoPoliciesConfigFile, uid, gid); err != nil { - return fmt.Errorf("Failed to chown fips config file: %w", err) + return fmt.Errorf("failed to chown fips config file: %w", err) } srcPolicyConfigOnHost = cryptoPoliciesConfigFile diff --git a/vendor/github.com/containers/common/pkg/timetype/timestamp.go b/vendor/github.com/containers/common/pkg/timetype/timestamp.go index 519884c553..ce03c784c5 100644 --- a/vendor/github.com/containers/common/pkg/timetype/timestamp.go +++ b/vendor/github.com/containers/common/pkg/timetype/timestamp.go @@ -31,8 +31,9 @@ func GetTimestamp(value string, reference time.Time) (string, error) { } var format string - // if the string has a Z or a + or three dashes use parse otherwise use parseinlocation - parseInLocation := !(strings.ContainsAny(value, "zZ+") || strings.Count(value, "-") == 3) + // If the string has a Z, or a +, or three dashes, + // then use time.Parse, otherwise use time.ParseInLocation. + parseInLocation := !strings.ContainsAny(value, "zZ+") && strings.Count(value, "-") != 3 switch { case strings.Contains(value, "."): diff --git a/vendor/github.com/containers/common/pkg/timezone/timezone.go b/vendor/github.com/containers/common/pkg/timezone/timezone.go index b82dc309d0..e606614578 100644 --- a/vendor/github.com/containers/common/pkg/timezone/timezone.go +++ b/vendor/github.com/containers/common/pkg/timezone/timezone.go @@ -20,10 +20,10 @@ import ( // It returns the path of the created /etc/localtime file if needed. func ConfigureContainerTimeZone(timezone, containerRunDir, mountPoint, etcPath, containerID string) (localTimePath string, err error) { var timezonePath string - switch { - case timezone == "": + switch timezone { + case "": return "", nil - case timezone == "local": + case "local": timezonePath, err = filepath.EvalSymlinks("/etc/localtime") if err != nil { return "", fmt.Errorf("finding local timezone for container %s: %w", containerID, err) diff --git a/vendor/github.com/containers/image/v5/docker/body_reader.go b/vendor/github.com/containers/image/v5/docker/body_reader.go index e69e21ef7a..3c612f2688 100644 --- a/vendor/github.com/containers/image/v5/docker/body_reader.go +++ b/vendor/github.com/containers/image/v5/docker/body_reader.go @@ -35,9 +35,9 @@ type bodyReader struct { body io.ReadCloser // The currently open connection we use to read data, or nil if there is nothing to read from / close. lastRetryOffset int64 // -1 if N/A - lastRetryTime time.Time // time.Time{} if N/A + lastRetryTime time.Time // IsZero() if N/A offset int64 // Current offset within the blob - lastSuccessTime time.Time // time.Time{} if N/A + lastSuccessTime time.Time // IsZero() if N/A } // newBodyReader creates a bodyReader for request path in c. @@ -207,9 +207,9 @@ func (br *bodyReader) Read(p []byte) (int, error) { } // millisecondsSinceOptional is like currentTime.Sub(tm).Milliseconds, but it returns a floating-point value. -// If tm is time.Time{}, it returns math.NaN() +// If tm.IsZero(), it returns math.NaN() func millisecondsSinceOptional(currentTime time.Time, tm time.Time) float64 { - if tm == (time.Time{}) { + if tm.IsZero() { return math.NaN() } return float64(currentTime.Sub(tm).Nanoseconds()) / 1_000_000.0 @@ -229,7 +229,7 @@ func (br *bodyReader) errorIfNotReconnecting(originalErr error, redactedURL stri logrus.Infof("Reading blob body from %s failed (%v), reconnecting after %d bytes…", redactedURL, originalErr, progress) return nil } - if br.lastRetryTime == (time.Time{}) { + if br.lastRetryTime.IsZero() { logrus.Infof("Reading blob body from %s failed (%v), reconnecting (first reconnection)…", redactedURL, originalErr) return nil } diff --git a/vendor/github.com/containers/image/v5/internal/manifest/oci_index.go b/vendor/github.com/containers/image/v5/internal/manifest/oci_index.go index 6a0f88d3a6..719deccbb2 100644 --- a/vendor/github.com/containers/image/v5/internal/manifest/oci_index.go +++ b/vendor/github.com/containers/image/v5/internal/manifest/oci_index.go @@ -213,12 +213,12 @@ type instanceCandidate struct { digest digest.Digest // Instance digest } -func (ic instanceCandidate) isPreferredOver(other *instanceCandidate, preferGzip bool) bool { +func (ic instanceCandidate) isPreferredOver(other *instanceCandidate, preferGzip types.OptionalBool) bool { switch { case ic.platformIndex != other.platformIndex: return ic.platformIndex < other.platformIndex case ic.isZstd != other.isZstd: - if !preferGzip { + if preferGzip != types.OptionalBoolTrue { return ic.isZstd } else { return !ic.isZstd @@ -232,10 +232,6 @@ func (ic instanceCandidate) isPreferredOver(other *instanceCandidate, preferGzip // chooseInstance is a private equivalent to ChooseInstanceByCompression, // shared by ChooseInstance and ChooseInstanceByCompression. func (index *OCI1IndexPublic) chooseInstance(ctx *types.SystemContext, preferGzip types.OptionalBool) (digest.Digest, error) { - didPreferGzip := false - if preferGzip == types.OptionalBoolTrue { - didPreferGzip = true - } wantedPlatforms := platform.WantedPlatforms(ctx) var bestMatch *instanceCandidate bestMatch = nil @@ -251,7 +247,7 @@ func (index *OCI1IndexPublic) chooseInstance(ctx *types.SystemContext, preferGzi } candidate.platformIndex = platformIndex } - if bestMatch == nil || candidate.isPreferredOver(bestMatch, didPreferGzip) { + if bestMatch == nil || candidate.isPreferredOver(bestMatch, preferGzip) { bestMatch = &candidate } } diff --git a/vendor/github.com/containers/image/v5/openshift/openshift-copies.go b/vendor/github.com/containers/image/v5/openshift/openshift-copies.go index 7b83a8868b..0bba3c21d8 100644 --- a/vendor/github.com/containers/image/v5/openshift/openshift-copies.go +++ b/vendor/github.com/containers/image/v5/openshift/openshift-copies.go @@ -920,7 +920,7 @@ func tlsCacheGet(config *restConfig) (http.RoundTripper, error) { // TLSConfigFor returns a tls.Config that will provide the transport level security defined // by the provided Config. Will return nil if no transport level security is requested. func tlsConfigFor(c *restConfig) (*tls.Config, error) { - if !(c.HasCA() || c.HasCertAuth() || c.Insecure) { + if !c.HasCA() && !c.HasCertAuth() && !c.Insecure { return nil, nil } if c.HasCA() && c.Insecure { diff --git a/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go b/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go index d528088548..677629c5db 100644 --- a/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go +++ b/vendor/github.com/containers/image/v5/pkg/sysregistriesv2/shortnames.go @@ -235,7 +235,7 @@ func parseShortNameValue(alias string) (reference.Named, error) { } registry := reference.Domain(named) - if !(strings.ContainsAny(registry, ".:") || registry == "localhost") { + if !strings.ContainsAny(registry, ".:") && registry != "localhost" { return nil, fmt.Errorf("invalid alias %q: must contain registry and repository", alias) } diff --git a/vendor/github.com/containers/storage/.cirrus.yml b/vendor/github.com/containers/storage/.cirrus.yml index c29ec973af..2349eb7f30 100644 --- a/vendor/github.com/containers/storage/.cirrus.yml +++ b/vendor/github.com/containers/storage/.cirrus.yml @@ -126,7 +126,7 @@ lint_task: folder: $GOPATH/pkg/mod build_script: | apt-get update - apt-get install -y libbtrfs-dev + apt-get install -y libbtrfs-dev libsubid-dev test_script: | make TAGS=regex_precompile local-validate make lint diff --git a/vendor/github.com/containers/storage/.golangci.yml b/vendor/github.com/containers/storage/.golangci.yml index ec11f5dae3..9363333a6b 100644 --- a/vendor/github.com/containers/storage/.golangci.yml +++ b/vendor/github.com/containers/storage/.golangci.yml @@ -1,7 +1,17 @@ ---- -run: - concurrency: 6 - timeout: 5m -linters: +version: "2" + +formatters: enable: - gofumpt + +linters: + exclusions: + presets: + - comments + - std-error-handling + settings: + staticcheck: + checks: + - all + - -ST1003 # https://staticcheck.dev/docs/checks/#ST1003 Poorly chosen identifier. + - -QF1008 # https://staticcheck.dev/docs/checks/#QF1008 Omit embedded fields from selector expression. diff --git a/vendor/github.com/containers/storage/Makefile b/vendor/github.com/containers/storage/Makefile index a374193c0e..cfd3ed2a42 100644 --- a/vendor/github.com/containers/storage/Makefile +++ b/vendor/github.com/containers/storage/Makefile @@ -35,7 +35,7 @@ TESTFLAGS := $(shell $(GO) test -race $(BUILDFLAGS) ./pkg/stringutils 2>&1 > /de # N/B: This value is managed by Renovate, manual changes are # possible, as long as they don't disturb the formatting # (i.e. DO NOT ADD A 'v' prefix!) -GOLANGCI_LINT_VERSION := 1.64.8 +GOLANGCI_LINT_VERSION := 2.0.2 default all: local-binary docs local-validate local-cross ## validate all checks, build and cross-build\nbinaries and docs diff --git a/vendor/github.com/containers/storage/drivers/aufs/aufs.go b/vendor/github.com/containers/storage/drivers/aufs/aufs.go index d039342637..5231c6f55f 100644 --- a/vendor/github.com/containers/storage/drivers/aufs/aufs.go +++ b/vendor/github.com/containers/storage/drivers/aufs/aufs.go @@ -517,7 +517,7 @@ func (a *Driver) isParent(id, parent string) bool { if parent == "" && len(parents) > 0 { return false } - return !(len(parents) > 0 && parent != parents[0]) + return len(parents) == 0 || parent == parents[0] } // Diff produces an archive of the changes between the specified @@ -778,6 +778,6 @@ func (a *Driver) SupportsShifting() bool { } // Dedup performs deduplication of the driver's storage. -func (d *Driver) Dedup(req graphdriver.DedupArgs) (graphdriver.DedupResult, error) { +func (a *Driver) Dedup(req graphdriver.DedupArgs) (graphdriver.DedupResult, error) { return graphdriver.DedupResult{}, nil } diff --git a/vendor/github.com/containers/storage/drivers/copy/copy_linux.go b/vendor/github.com/containers/storage/drivers/copy/copy_linux.go index 93fc0a3261..5187bc8caf 100644 --- a/vendor/github.com/containers/storage/drivers/copy/copy_linux.go +++ b/vendor/github.com/containers/storage/drivers/copy/copy_linux.go @@ -40,7 +40,7 @@ const ( ) // CopyRegularToFile copies the content of a file to another -func CopyRegularToFile(srcPath string, dstFile *os.File, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { // nolint: revive,golint +func CopyRegularToFile(srcPath string, dstFile *os.File, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { //nolint: revive srcFile, err := os.Open(srcPath) if err != nil { return err @@ -72,7 +72,7 @@ func CopyRegularToFile(srcPath string, dstFile *os.File, fileinfo os.FileInfo, c } // CopyRegular copies the content of a file to another -func CopyRegular(srcPath, dstPath string, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { // nolint: revive,golint +func CopyRegular(srcPath, dstPath string, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { //nolint: revive // If the destination file already exists, we shouldn't blow it away dstFile, err := os.OpenFile(dstPath, os.O_WRONLY|os.O_CREATE|os.O_EXCL, fileinfo.Mode()) if err != nil { diff --git a/vendor/github.com/containers/storage/drivers/copy/copy_unsupported.go b/vendor/github.com/containers/storage/drivers/copy/copy_unsupported.go index baaa86ddc0..191b355d2a 100644 --- a/vendor/github.com/containers/storage/drivers/copy/copy_unsupported.go +++ b/vendor/github.com/containers/storage/drivers/copy/copy_unsupported.go @@ -24,7 +24,7 @@ func DirCopy(srcDir, dstDir string, _ Mode, _ bool) error { } // CopyRegularToFile copies the content of a file to another -func CopyRegularToFile(srcPath string, dstFile *os.File, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { //nolint: revive,golint // "func name will be used as copy.CopyRegularToFile by other packages, and that stutters" +func CopyRegularToFile(srcPath string, dstFile *os.File, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { //nolint: revive // "func name will be used as copy.CopyRegularToFile by other packages, and that stutters" f, err := os.Open(srcPath) if err != nil { return err @@ -35,6 +35,6 @@ func CopyRegularToFile(srcPath string, dstFile *os.File, fileinfo os.FileInfo, c } // CopyRegular copies the content of a file to another -func CopyRegular(srcPath, dstPath string, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { //nolint:revive,golint // "func name will be used as copy.CopyRegular by other packages, and that stutters" +func CopyRegular(srcPath, dstPath string, fileinfo os.FileInfo, copyWithFileRange, copyWithFileClone *bool) error { //nolint:revive // "func name will be used as copy.CopyRegular by other packages, and that stutters" return chrootarchive.NewArchiver(nil).CopyWithTar(srcPath, dstPath) } diff --git a/vendor/github.com/containers/storage/drivers/driver.go b/vendor/github.com/containers/storage/drivers/driver.go index 1f7ac5ff02..529cd66c07 100644 --- a/vendor/github.com/containers/storage/drivers/driver.go +++ b/vendor/github.com/containers/storage/drivers/driver.go @@ -54,8 +54,8 @@ type MountOpts struct { // Mount label is the MAC Labels to assign to mount point (SELINUX) MountLabel string // UidMaps & GidMaps are the User Namespace mappings to be assigned to content in the mount point - UidMaps []idtools.IDMap //nolint: revive,golint - GidMaps []idtools.IDMap //nolint: revive,golint + UidMaps []idtools.IDMap //nolint: revive + GidMaps []idtools.IDMap //nolint: revive Options []string // Volatile specifies whether the container storage can be optimized diff --git a/vendor/github.com/containers/storage/drivers/overlay/composefs.go b/vendor/github.com/containers/storage/drivers/overlay/composefs.go index 797e3646e9..016f353f08 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/composefs.go +++ b/vendor/github.com/containers/storage/drivers/overlay/composefs.go @@ -53,7 +53,7 @@ func generateComposeFsBlob(verityDigests map[string]string, toc interface{}, com } destFile := getComposefsBlob(composefsDir) - writerJson, err := getComposeFsHelper() + writerJSON, err := getComposeFsHelper() if err != nil { return fmt.Errorf("failed to find mkcomposefs: %w", err) } @@ -74,7 +74,7 @@ func generateComposeFsBlob(verityDigests map[string]string, toc interface{}, com defer outFile.Close() errBuf := &bytes.Buffer{} - cmd := exec.Command(writerJson, "--from-file", "-", "-") + cmd := exec.Command(writerJSON, "--from-file", "-", "-") cmd.Stderr = errBuf cmd.Stdin = dumpReader cmd.Stdout = outFile diff --git a/vendor/github.com/containers/storage/drivers/overlay/overlay.go b/vendor/github.com/containers/storage/drivers/overlay/overlay.go index e4bcd8a6f4..e15530b804 100644 --- a/vendor/github.com/containers/storage/drivers/overlay/overlay.go +++ b/vendor/github.com/containers/storage/drivers/overlay/overlay.go @@ -130,6 +130,9 @@ type Driver struct { usingMetacopy bool usingComposefs bool + stagingDirsLocksMutex sync.Mutex + // stagingDirsLocks access is not thread safe, it is required that callers take + // stagingDirsLocksMutex on each access to guard against concurrent map writes. stagingDirsLocks map[string]*lockfile.LockFile supportsIDMappedMounts *bool @@ -428,17 +431,18 @@ func Init(home string, options graphdriver.Options) (graphdriver.Driver, error) } d := &Driver{ - name: "overlay", - home: home, - imageStore: options.ImageStore, - runhome: runhome, - ctr: graphdriver.NewRefCounter(graphdriver.NewFsChecker(fileSystemType)), - supportsDType: supportsDType, - usingMetacopy: usingMetacopy, - supportsVolatile: supportsVolatile, - usingComposefs: opts.useComposefs, - options: *opts, - stagingDirsLocks: make(map[string]*lockfile.LockFile), + name: "overlay", + home: home, + imageStore: options.ImageStore, + runhome: runhome, + ctr: graphdriver.NewRefCounter(graphdriver.NewFsChecker(fileSystemType)), + supportsDType: supportsDType, + usingMetacopy: usingMetacopy, + supportsVolatile: supportsVolatile, + usingComposefs: opts.useComposefs, + options: *opts, + stagingDirsLocksMutex: sync.Mutex{}, + stagingDirsLocks: make(map[string]*lockfile.LockFile), } d.naiveDiff = graphdriver.NewNaiveDiffDriver(d, graphdriver.NewNaiveLayerIDMapUpdater(d)) @@ -639,6 +643,8 @@ func SupportsNativeOverlay(home, runhome string) (bool, error) { case "true": logrus.Debugf("overlay: storage already configured with a mount-program") return false, nil + case "false": + // Do nothing. default: needsMountProgram, err := scanForMountProgramIndicators(home) if err != nil && !os.IsNotExist(err) { @@ -652,7 +658,6 @@ func SupportsNativeOverlay(home, runhome string) (bool, error) { } // fall through to check if we find ourselves needing to use a // mount program now - case "false": } for _, dir := range []string{home, runhome} { @@ -867,10 +872,12 @@ func (d *Driver) Cleanup() error { // pruneStagingDirectories cleans up any staging directory that was leaked. // It returns whether any staging directory is still present. func (d *Driver) pruneStagingDirectories() bool { + d.stagingDirsLocksMutex.Lock() for _, lock := range d.stagingDirsLocks { lock.Unlock() } - d.stagingDirsLocks = make(map[string]*lockfile.LockFile) + clear(d.stagingDirsLocks) + d.stagingDirsLocksMutex.Unlock() anyPresent := false @@ -2168,10 +2175,12 @@ func (d *Driver) DiffGetter(id string) (_ graphdriver.FileGetCloser, Err error) func (d *Driver) CleanupStagingDirectory(stagingDirectory string) error { parentStagingDir := filepath.Dir(stagingDirectory) + d.stagingDirsLocksMutex.Lock() if lock, ok := d.stagingDirsLocks[parentStagingDir]; ok { delete(d.stagingDirsLocks, parentStagingDir) lock.Unlock() } + d.stagingDirsLocksMutex.Unlock() return os.RemoveAll(parentStagingDir) } @@ -2230,11 +2239,15 @@ func (d *Driver) ApplyDiffWithDiffer(options *graphdriver.ApplyDiffWithDifferOpt } defer func() { if errRet != nil { + d.stagingDirsLocksMutex.Lock() delete(d.stagingDirsLocks, layerDir) + d.stagingDirsLocksMutex.Unlock() lock.Unlock() } }() + d.stagingDirsLocksMutex.Lock() d.stagingDirsLocks[layerDir] = lock + d.stagingDirsLocksMutex.Unlock() lock.Lock() logrus.Debugf("Applying differ in %s", applyDir) @@ -2266,10 +2279,12 @@ func (d *Driver) ApplyDiffFromStagingDirectory(id, parent string, diffOutput *gr parentStagingDir := filepath.Dir(stagingDirectory) defer func() { + d.stagingDirsLocksMutex.Lock() if lock, ok := d.stagingDirsLocks[parentStagingDir]; ok { delete(d.stagingDirsLocks, parentStagingDir) lock.Unlock() } + d.stagingDirsLocksMutex.Unlock() }() diffPath, err := d.getDiffPath(id) diff --git a/vendor/github.com/containers/storage/internal/dedup/dedup.go b/vendor/github.com/containers/storage/internal/dedup/dedup.go index 59fcd0d23a..56d746a304 100644 --- a/vendor/github.com/containers/storage/internal/dedup/dedup.go +++ b/vendor/github.com/containers/storage/internal/dedup/dedup.go @@ -13,7 +13,7 @@ import ( "github.com/sirupsen/logrus" ) -var notSupported = errors.New("reflinks are not supported on this platform") +var errNotSupported = errors.New("reflinks are not supported on this platform") const ( DedupHashInvalid DedupHashMethod = iota @@ -134,7 +134,7 @@ func DedupDirs(dirs []string, options DedupOptions) (DedupResult, error) { break } logrus.Debugf("Failed to deduplicate: %v", err) - if errors.Is(err, notSupported) { + if errors.Is(err, errNotSupported) { return dedupBytes, err } } @@ -153,7 +153,7 @@ func DedupDirs(dirs []string, options DedupOptions) (DedupResult, error) { return nil }); err != nil { // if reflinks are not supported, return immediately without errors - if errors.Is(err, notSupported) { + if errors.Is(err, errNotSupported) { return res, nil } return res, err diff --git a/vendor/github.com/containers/storage/internal/dedup/dedup_linux.go b/vendor/github.com/containers/storage/internal/dedup/dedup_linux.go index 90ccb5f318..1f6179fbce 100644 --- a/vendor/github.com/containers/storage/internal/dedup/dedup_linux.go +++ b/vendor/github.com/containers/storage/internal/dedup/dedup_linux.go @@ -98,7 +98,7 @@ func (d *dedupFiles) dedup(src, dst string, fiDst fs.FileInfo) (uint64, error) { } if errors.Is(err, unix.ENOTSUP) { - return 0, notSupported + return 0, errNotSupported } return 0, fmt.Errorf("failed to clone file %q: %w", src, err) } diff --git a/vendor/github.com/containers/storage/internal/dedup/dedup_unsupported.go b/vendor/github.com/containers/storage/internal/dedup/dedup_unsupported.go index cfadf83268..22ec081c89 100644 --- a/vendor/github.com/containers/storage/internal/dedup/dedup_unsupported.go +++ b/vendor/github.com/containers/storage/internal/dedup/dedup_unsupported.go @@ -9,19 +9,19 @@ import ( type dedupFiles struct{} func newDedupFiles() (*dedupFiles, error) { - return nil, notSupported + return nil, errNotSupported } // isFirstVisitOf records that the file is being processed. Returns true if the file was already visited. func (d *dedupFiles) isFirstVisitOf(fi fs.FileInfo) (bool, error) { - return false, notSupported + return false, errNotSupported } // dedup deduplicates the file at src path to dst path func (d *dedupFiles) dedup(src, dst string, fiDst fs.FileInfo) (uint64, error) { - return 0, notSupported + return 0, errNotSupported } func readAllFile(path string, info fs.FileInfo, fn func([]byte) (string, error)) (string, error) { - return "", notSupported + return "", errNotSupported } diff --git a/vendor/github.com/containers/storage/pkg/archive/archive.go b/vendor/github.com/containers/storage/pkg/archive/archive.go index 71be952017..6ce6812837 100644 --- a/vendor/github.com/containers/storage/pkg/archive/archive.go +++ b/vendor/github.com/containers/storage/pkg/archive/archive.go @@ -687,7 +687,7 @@ func extractTarFileEntry(path, extractDir string, hdr *tar.Header, reader io.Rea case tar.TypeDir: // Create directory unless it exists as a directory already. // In that case we just want to merge the two - if fi, err := os.Lstat(path); !(err == nil && fi.IsDir()) { + if fi, err := os.Lstat(path); err != nil || !fi.IsDir() { if err := os.Mkdir(path, mask); err != nil { return err } @@ -1130,7 +1130,7 @@ loop: continue } - if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) { + if !fi.IsDir() || hdr.Typeflag != tar.TypeDir { if err := os.RemoveAll(path); err != nil { return err } diff --git a/vendor/github.com/containers/storage/pkg/archive/changes.go b/vendor/github.com/containers/storage/pkg/archive/changes.go index 37e9f947f5..a5847cca54 100644 --- a/vendor/github.com/containers/storage/pkg/archive/changes.go +++ b/vendor/github.com/containers/storage/pkg/archive/changes.go @@ -70,7 +70,7 @@ func (c changesByPath) Swap(i, j int) { c[j], c[i] = c[i], c[j] } // files, we handle this by comparing for exact times, *or* same // second count and either a or b having exactly 0 nanoseconds func sameFsTime(a, b time.Time) bool { - return a == b || + return a.Equal(b) || (a.Unix() == b.Unix() && (a.Nanosecond() == 0 || b.Nanosecond() == 0)) } diff --git a/vendor/github.com/containers/storage/pkg/archive/changes_linux.go b/vendor/github.com/containers/storage/pkg/archive/changes_linux.go index 42e77c4dea..fb7d6015ac 100644 --- a/vendor/github.com/containers/storage/pkg/archive/changes_linux.go +++ b/vendor/github.com/containers/storage/pkg/archive/changes_linux.go @@ -174,14 +174,7 @@ func (w *walker) walk(path string, i1, i2 os.FileInfo) (err error) { ix1 := 0 ix2 := 0 - for { - if ix1 >= len(names1) { - break - } - if ix2 >= len(names2) { - break - } - + for ix1 < len(names1) && ix2 < len(names2) { ni1 := names1[ix1] ni2 := names2[ix2] diff --git a/vendor/github.com/containers/storage/pkg/archive/diff.go b/vendor/github.com/containers/storage/pkg/archive/diff.go index a6f9dfb865..6f3067770c 100644 --- a/vendor/github.com/containers/storage/pkg/archive/diff.go +++ b/vendor/github.com/containers/storage/pkg/archive/diff.go @@ -178,7 +178,7 @@ func UnpackLayer(dest string, layer io.Reader, options *TarOptions) (size int64, if err := resetImmutable(path, &fi); err != nil { return 0, err } - if !(fi.IsDir() && hdr.Typeflag == tar.TypeDir) { + if !fi.IsDir() || hdr.Typeflag != tar.TypeDir { if err := os.RemoveAll(path); err != nil { return 0, err } diff --git a/vendor/github.com/containers/storage/pkg/chunked/compression_linux.go b/vendor/github.com/containers/storage/pkg/chunked/compression_linux.go index 67cc6cf082..aee3876582 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/compression_linux.go +++ b/vendor/github.com/containers/storage/pkg/chunked/compression_linux.go @@ -7,6 +7,7 @@ import ( "fmt" "io" "maps" + "slices" "strconv" "time" @@ -17,7 +18,6 @@ import ( "github.com/vbatts/tar-split/archive/tar" "github.com/vbatts/tar-split/tar/asm" "github.com/vbatts/tar-split/tar/storage" - expMaps "golang.org/x/exp/maps" ) const ( @@ -310,7 +310,7 @@ func ensureTOCMatchesTarSplit(toc *minimal.TOC, tarSplit []byte) error { return err } if len(pendingFiles) != 0 { - remaining := expMaps.Keys(pendingFiles) + remaining := slices.Collect(maps.Keys(pendingFiles)) if len(remaining) > 5 { remaining = remaining[:5] // Just to limit the size of the output. } diff --git a/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go b/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go index 56ae4c770c..7a17fd7500 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go +++ b/vendor/github.com/containers/storage/pkg/chunked/compressor/compressor.go @@ -142,10 +142,7 @@ func (rc *rollingChecksumReader) Read(b []byte) (bool, int, error) { rc.IsLastChunkZeros = false if rc.pendingHole > 0 { - toCopy := int64(len(b)) - if rc.pendingHole < toCopy { - toCopy = rc.pendingHole - } + toCopy := min(rc.pendingHole, int64(len(b))) rc.pendingHole -= toCopy for i := int64(0); i < toCopy; i++ { b[i] = 0 diff --git a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go index 733010c012..d0d8b3a77a 100644 --- a/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go +++ b/vendor/github.com/containers/storage/pkg/chunked/storage_linux.go @@ -698,18 +698,12 @@ func (c *chunkedDiffer) prepareCompressedStreamToFile(partCompression compressed // hashHole writes SIZE zeros to the specified hasher func hashHole(h hash.Hash, size int64, copyBuffer []byte) error { - count := int64(len(copyBuffer)) - if size < count { - count = size - } + count := min(size, int64(len(copyBuffer))) for i := int64(0); i < count; i++ { copyBuffer[i] = 0 } for size > 0 { - count = int64(len(copyBuffer)) - if size < count { - count = size - } + count = min(size, int64(len(copyBuffer))) if _, err := h.Write(copyBuffer[:count]); err != nil { return err } @@ -1271,7 +1265,7 @@ func getBlobAtConverterGoroutine(stream chan streamOrErr, streams chan io.ReadCl tooManyStreams := false streamsSoFar := 0 - err := errors.New("Unexpected error in getBlobAtGoroutine") + err := errors.New("unexpected error in getBlobAtGoroutine") defer func() { if err != nil { diff --git a/vendor/github.com/containers/storage/pkg/idmap/idmapped_utils.go b/vendor/github.com/containers/storage/pkg/idmap/idmapped_utils.go index 4a75b70fd9..fac9a2f899 100644 --- a/vendor/github.com/containers/storage/pkg/idmap/idmapped_utils.go +++ b/vendor/github.com/containers/storage/pkg/idmap/idmapped_utils.go @@ -25,7 +25,7 @@ func CreateIDMappedMount(source, target string, pid int) error { } defer userNsFile.Close() - targetDirFd, err := unix.OpenTree(0, source, unix.OPEN_TREE_CLONE) + targetDirFd, err := unix.OpenTree(unix.AT_FDCWD, source, unix.OPEN_TREE_CLONE) if err != nil { return &os.PathError{Op: "open_tree", Path: source, Err: err} } diff --git a/vendor/github.com/containers/storage/pkg/idtools/idtools.go b/vendor/github.com/containers/storage/pkg/idtools/idtools.go index 299bdbef7f..13277f090e 100644 --- a/vendor/github.com/containers/storage/pkg/idtools/idtools.go +++ b/vendor/github.com/containers/storage/pkg/idtools/idtools.go @@ -429,25 +429,25 @@ func parseOverrideXattr(xstat []byte) (Stat, error) { var stat Stat attrs := strings.Split(string(xstat), ":") if len(attrs) < 3 { - return stat, fmt.Errorf("The number of parts in %s is less than 3", + return stat, fmt.Errorf("the number of parts in %s is less than 3", ContainersOverrideXattr) } value, err := strconv.ParseUint(attrs[0], 10, 32) if err != nil { - return stat, fmt.Errorf("Failed to parse UID: %w", err) + return stat, fmt.Errorf("failed to parse UID: %w", err) } stat.IDs.UID = int(value) value, err = strconv.ParseUint(attrs[1], 10, 32) if err != nil { - return stat, fmt.Errorf("Failed to parse GID: %w", err) + return stat, fmt.Errorf("failed to parse GID: %w", err) } stat.IDs.GID = int(value) value, err = strconv.ParseUint(attrs[2], 8, 32) if err != nil { - return stat, fmt.Errorf("Failed to parse mode: %w", err) + return stat, fmt.Errorf("failed to parse mode: %w", err) } stat.Mode = os.FileMode(value) & os.ModePerm if value&0o1000 != 0 { @@ -484,7 +484,7 @@ func parseOverrideXattr(xstat []byte) (Stat, error) { return stat, err } } else { - return stat, fmt.Errorf("Invalid file type %s", typ) + return stat, fmt.Errorf("invalid file type %s", typ) } } return stat, nil @@ -494,18 +494,18 @@ func parseDevice(typ string) (int, int, error) { parts := strings.Split(typ, "-") // If there are more than 3 parts, just ignore them to be forward compatible if len(parts) < 3 { - return 0, 0, fmt.Errorf("Invalid device type %s", typ) + return 0, 0, fmt.Errorf("invalid device type %s", typ) } if parts[0] != "block" && parts[0] != "char" { - return 0, 0, fmt.Errorf("Invalid device type %s", typ) + return 0, 0, fmt.Errorf("invalid device type %s", typ) } major, err := strconv.Atoi(parts[1]) if err != nil { - return 0, 0, fmt.Errorf("Failed to parse major number: %w", err) + return 0, 0, fmt.Errorf("failed to parse major number: %w", err) } minor, err := strconv.Atoi(parts[2]) if err != nil { - return 0, 0, fmt.Errorf("Failed to parse minor number: %w", err) + return 0, 0, fmt.Errorf("failed to parse minor number: %w", err) } return major, minor, nil } diff --git a/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go b/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go index 5fd339c11c..9a17f57014 100644 --- a/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go +++ b/vendor/github.com/containers/storage/pkg/idtools/idtools_supported.go @@ -29,9 +29,7 @@ struct subid_range get_range(struct subid_range *ranges, int i) */ import "C" -var ( - onceInit sync.Once -) +var onceInit sync.Once func readSubid(username string, isUser bool) (ranges, error) { var ret ranges diff --git a/vendor/github.com/containers/storage/pkg/ioutils/bytespipe.go b/vendor/github.com/containers/storage/pkg/ioutils/bytespipe.go index 72a04f3491..e6cff03a5a 100644 --- a/vendor/github.com/containers/storage/pkg/ioutils/bytespipe.go +++ b/vendor/github.com/containers/storage/pkg/ioutils/bytespipe.go @@ -93,10 +93,7 @@ loop0: } // add new byte slice to the buffers slice and continue writing - nextCap := b.Cap() * 2 - if nextCap > maxCap { - nextCap = maxCap - } + nextCap := min(b.Cap()*2, maxCap) bp.buf = append(bp.buf, getBuffer(nextCap)) } bp.wait.Broadcast() diff --git a/vendor/github.com/containers/storage/pkg/loopback/attach_loopback.go b/vendor/github.com/containers/storage/pkg/loopback/attach_loopback.go index 40cb22b0fb..e329aa9a1a 100644 --- a/vendor/github.com/containers/storage/pkg/loopback/attach_loopback.go +++ b/vendor/github.com/containers/storage/pkg/loopback/attach_loopback.go @@ -16,8 +16,8 @@ import ( // Loopback related errors var ( ErrAttachLoopbackDevice = errors.New("loopback attach failed") - ErrGetLoopbackBackingFile = errors.New("Unable to get loopback backing file") - ErrSetCapacity = errors.New("Unable set loopback capacity") + ErrGetLoopbackBackingFile = errors.New("unable to get loopback backing file") + ErrSetCapacity = errors.New("unable set loopback capacity") ) func stringToLoopName(src string) [LoNameSize]uint8 { diff --git a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go index 5c473cfa4c..29f0c8ac93 100644 --- a/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go +++ b/vendor/github.com/containers/storage/pkg/unshare/unshare_linux.go @@ -32,9 +32,9 @@ type Cmd struct { *exec.Cmd UnshareFlags int UseNewuidmap bool - UidMappings []specs.LinuxIDMapping // nolint: revive,golint + UidMappings []specs.LinuxIDMapping //nolint: revive UseNewgidmap bool - GidMappings []specs.LinuxIDMapping // nolint: revive,golint + GidMappings []specs.LinuxIDMapping //nolint: revive GidMappingsEnableSetgroups bool Setsid bool Setpgrp bool @@ -249,7 +249,7 @@ func (c *Cmd) Start() (retErr error) { if err != nil { return fmt.Errorf("finding newgidmap: %w", err) } - cmd := exec.Command(path, append([]string{pidString}, strings.Fields(strings.Replace(g.String(), "\n", " ", -1))...)...) + cmd := exec.Command(path, append([]string{pidString}, strings.Fields(g.String())...)...) g.Reset() cmd.Stdout = g cmd.Stderr = g @@ -267,7 +267,7 @@ func (c *Cmd) Start() (retErr error) { } logrus.Warnf("Falling back to single mapping") g.Reset() - g.Write([]byte(fmt.Sprintf("0 %d 1\n", os.Getegid()))) + fmt.Fprintf(g, "0 %d 1\n", os.Getegid()) } } if !gidmapSet { @@ -309,7 +309,7 @@ func (c *Cmd) Start() (retErr error) { if err != nil { return fmt.Errorf("finding newuidmap: %w", err) } - cmd := exec.Command(path, append([]string{pidString}, strings.Fields(strings.Replace(u.String(), "\n", " ", -1))...)...) + cmd := exec.Command(path, append([]string{pidString}, strings.Fields(u.String())...)...) u.Reset() cmd.Stdout = u cmd.Stderr = u @@ -328,7 +328,7 @@ func (c *Cmd) Start() (retErr error) { logrus.Warnf("Falling back to single mapping") u.Reset() - u.Write([]byte(fmt.Sprintf("0 %d 1\n", os.Geteuid()))) + fmt.Fprintf(u, "0 %d 1\n", os.Geteuid()) } } if !uidmapSet { diff --git a/vendor/github.com/containers/storage/store.go b/vendor/github.com/containers/storage/store.go index be1106761e..c7ada88814 100644 --- a/vendor/github.com/containers/storage/store.go +++ b/vendor/github.com/containers/storage/store.go @@ -3723,7 +3723,7 @@ func makeBigDataBaseName(key string) string { if err != nil || size != 1 { break } - if ch != '.' && !(ch >= '0' && ch <= '9') && !(ch >= 'a' && ch <= 'z') { + if ch != '.' && (ch < '0' || ch > '9') && (ch < 'a' || ch > 'z') { break } } diff --git a/vendor/github.com/containers/storage/types/options.go b/vendor/github.com/containers/storage/types/options.go index efc08c4763..1255a02908 100644 --- a/vendor/github.com/containers/storage/types/options.go +++ b/vendor/github.com/containers/storage/types/options.go @@ -394,7 +394,7 @@ func ReloadConfigurationFileIfNeeded(configFile string, storeOptions *StoreOptio } mtime := fi.ModTime() - if prevReloadConfig.storeOptions != nil && prevReloadConfig.mod == mtime && prevReloadConfig.configFile == configFile { + if prevReloadConfig.storeOptions != nil && mtime.Equal(prevReloadConfig.mod) && prevReloadConfig.configFile == configFile { *storeOptions = *prevReloadConfig.storeOptions return nil } diff --git a/vendor/github.com/containers/storage/types/utils.go b/vendor/github.com/containers/storage/types/utils.go index 73fcd2405e..1a8c463e35 100644 --- a/vendor/github.com/containers/storage/types/utils.go +++ b/vendor/github.com/containers/storage/types/utils.go @@ -14,7 +14,7 @@ import ( func expandEnvPath(path string, rootlessUID int) (string, error) { var err error - path = strings.Replace(path, "$UID", strconv.Itoa(rootlessUID), -1) + path = strings.ReplaceAll(path, "$UID", strconv.Itoa(rootlessUID)) path = os.ExpandEnv(path) newpath, err := filepath.EvalSymlinks(path) if err != nil { @@ -61,7 +61,7 @@ func reloadConfigurationFileIfNeeded(configFile string, storeOptions *StoreOptio } mtime := fi.ModTime() - if prevReloadConfig.storeOptions != nil && prevReloadConfig.mod == mtime && prevReloadConfig.configFile == configFile { + if prevReloadConfig.storeOptions != nil && mtime.Equal(prevReloadConfig.mod) && prevReloadConfig.configFile == configFile { *storeOptions = *prevReloadConfig.storeOptions return } diff --git a/vendor/github.com/containers/storage/userns.go b/vendor/github.com/containers/storage/userns.go index 09919394c0..9cfd6ea347 100644 --- a/vendor/github.com/containers/storage/userns.go +++ b/vendor/github.com/containers/storage/userns.go @@ -276,10 +276,7 @@ func (s *store) getAutoUserNS(options *types.AutoUserNsOptions, image *Image, rl // bigger than s.autoNsMaxSize. // This is a best effort heuristic. if requestedSize == 0 { - size = initialSize - if s.autoNsMinSize > size { - size = s.autoNsMinSize - } + size = max(s.autoNsMinSize, initialSize) if image != nil { sizeFromImage, err := s.getMaxSizeFromImage(image, rlstore, lstores, options.PasswdFile, options.GroupFile) if err != nil { diff --git a/vendor/golang.org/x/exp/LICENSE b/vendor/golang.org/x/exp/LICENSE deleted file mode 100644 index 2a7cf70da6..0000000000 --- a/vendor/golang.org/x/exp/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright 2009 The Go Authors. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google LLC nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/golang.org/x/exp/PATENTS b/vendor/golang.org/x/exp/PATENTS deleted file mode 100644 index 733099041f..0000000000 --- a/vendor/golang.org/x/exp/PATENTS +++ /dev/null @@ -1,22 +0,0 @@ -Additional IP Rights Grant (Patents) - -"This implementation" means the copyrightable works distributed by -Google as part of the Go project. - -Google hereby grants to You a perpetual, worldwide, non-exclusive, -no-charge, royalty-free, irrevocable (except as stated in this section) -patent license to make, have made, use, offer to sell, sell, import, -transfer and otherwise run, modify and propagate the contents of this -implementation of Go, where such license applies only to those patent -claims, both currently owned or controlled by Google and acquired in -the future, licensable by Google that are necessarily infringed by this -implementation of Go. This grant does not include claims that would be -infringed only as a consequence of further modification of this -implementation. If you or your agent or exclusive licensee institute or -order or agree to the institution of patent litigation against any -entity (including a cross-claim or counterclaim in a lawsuit) alleging -that this implementation of Go or any code incorporated within this -implementation of Go constitutes direct or contributory patent -infringement, or inducement of patent infringement, then any patent -rights granted to you under this License for this implementation of Go -shall terminate as of the date such litigation is filed. diff --git a/vendor/golang.org/x/exp/maps/maps.go b/vendor/golang.org/x/exp/maps/maps.go deleted file mode 100644 index c25939b92b..0000000000 --- a/vendor/golang.org/x/exp/maps/maps.go +++ /dev/null @@ -1,76 +0,0 @@ -// Copyright 2021 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package maps defines various functions useful with maps of any type. -package maps - -import "maps" - -// TODO(adonovan): when https://go.dev/issue/32816 is accepted, all of -// these functions except Keys and Values should be annotated -// (provisionally with "//go:fix inline") so that tools can safely and -// automatically replace calls to exp/maps with calls to std maps by -// inlining them. - -// Keys returns the keys of the map m. -// The keys will be in an indeterminate order. -func Keys[M ~map[K]V, K comparable, V any](m M) []K { - // The simplest true equivalent using std is: - // return slices.AppendSeq(make([]K, 0, len(m)), maps.Keys(m)). - - r := make([]K, 0, len(m)) - for k := range m { - r = append(r, k) - } - return r -} - -// Values returns the values of the map m. -// The values will be in an indeterminate order. -func Values[M ~map[K]V, K comparable, V any](m M) []V { - // The simplest true equivalent using std is: - // return slices.AppendSeq(make([]V, 0, len(m)), maps.Values(m)). - - r := make([]V, 0, len(m)) - for _, v := range m { - r = append(r, v) - } - return r -} - -// Equal reports whether two maps contain the same key/value pairs. -// Values are compared using ==. -func Equal[M1, M2 ~map[K]V, K, V comparable](m1 M1, m2 M2) bool { - return maps.Equal(m1, m2) -} - -// EqualFunc is like Equal, but compares values using eq. -// Keys are still compared with ==. -func EqualFunc[M1 ~map[K]V1, M2 ~map[K]V2, K comparable, V1, V2 any](m1 M1, m2 M2, eq func(V1, V2) bool) bool { - return maps.EqualFunc(m1, m2, eq) -} - -// Clear removes all entries from m, leaving it empty. -func Clear[M ~map[K]V, K comparable, V any](m M) { - clear(m) -} - -// Clone returns a copy of m. This is a shallow clone: -// the new keys and values are set using ordinary assignment. -func Clone[M ~map[K]V, K comparable, V any](m M) M { - return maps.Clone(m) -} - -// Copy copies all key/value pairs in src adding them to dst. -// When a key in src is already present in dst, -// the value in dst will be overwritten by the value associated -// with the key in src. -func Copy[M1 ~map[K]V, M2 ~map[K]V, K comparable, V any](dst M1, src M2) { - maps.Copy(dst, src) -} - -// DeleteFunc deletes any key/value pairs from m for which del returns true. -func DeleteFunc[M ~map[K]V, K comparable, V any](m M, del func(K, V) bool) { - maps.DeleteFunc(m, del) -} diff --git a/vendor/modules.txt b/vendor/modules.txt index 03f9f0d266..1a75e13bd0 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -142,8 +142,8 @@ github.com/containers/buildah/pkg/sshagent github.com/containers/buildah/pkg/util github.com/containers/buildah/pkg/volumes github.com/containers/buildah/util -# github.com/containers/common v0.62.3-0.20250326101258-442957aa798d -## explicit; go 1.23.0 +# github.com/containers/common v0.62.4-0.20250401165412-9b0d134f392f +## explicit; go 1.23.3 github.com/containers/common/internal github.com/containers/common/internal/attributedstring github.com/containers/common/libimage @@ -215,7 +215,7 @@ github.com/containers/conmon/runner/config # github.com/containers/gvisor-tap-vsock v0.8.5 ## explicit; go 1.23.0 github.com/containers/gvisor-tap-vsock/pkg/types -# github.com/containers/image/v5 v5.34.3-0.20250326191717-cb71b8dc79cc +# github.com/containers/image/v5 v5.34.4-0.20250327193514-d3b241257363 ## explicit; go 1.23.3 github.com/containers/image/v5/copy github.com/containers/image/v5/directory @@ -326,7 +326,7 @@ github.com/containers/psgo/internal/dev github.com/containers/psgo/internal/host github.com/containers/psgo/internal/proc github.com/containers/psgo/internal/process -# github.com/containers/storage v1.57.3-0.20250325222852-4d1ae4a7983d +# github.com/containers/storage v1.57.3-0.20250331162343-3fc5c230951d ## explicit; go 1.23.0 github.com/containers/storage github.com/containers/storage/drivers @@ -566,8 +566,8 @@ github.com/godbus/dbus/v5 # github.com/gogo/protobuf v1.3.2 ## explicit; go 1.15 github.com/gogo/protobuf/proto -# github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da -## explicit +# github.com/golang/groupcache v0.0.0-20241129210726-2c02b8208cf8 +## explicit; go 1.20 github.com/golang/groupcache/lru # github.com/golang/protobuf v1.5.4 ## explicit; go 1.17 @@ -1092,7 +1092,6 @@ golang.org/x/crypto/twofish golang.org/x/crypto/xts # golang.org/x/exp v0.0.0-20250128182459-e0ece0dbea4c ## explicit; go 1.22.0 -golang.org/x/exp/maps # golang.org/x/mod v0.24.0 ## explicit; go 1.23.0 golang.org/x/mod/semver From 74356e1b5a64904f875ae17aad9935d46b9ffec2 Mon Sep 17 00:00:00 2001 From: flouthoc Date: Tue, 1 Apr 2025 10:14:48 -0700 Subject: [PATCH 2/2] config: use ErrInvalidName SA1019: types.RegexError is deprecated: use [ErrInvalidName] instead. Making linter happy. Signed-off-by: flouthoc --- libpod/define/config.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libpod/define/config.go b/libpod/define/config.go index cf9fd3812e..c76238e6dd 100644 --- a/libpod/define/config.go +++ b/libpod/define/config.go @@ -18,7 +18,7 @@ var ( // constant, but Go won't let us do that. NameRegex = types.NameRegex // RegexError is thrown in presence of an invalid container/pod name. - RegexError = types.RegexError + RegexError = types.ErrInvalidName ) const (