Commit graph

195 commits

Author SHA1 Message Date
Sebastiaan van Stijn
83d7ae76e8
vendor: github.com/containerd/containerd v1.6.14
No changes in vendored code, other than the version bump

full diff: https://github.com/containerd/containerd/compare/v1.6.13...v1.6.14

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-19 22:44:40 +01:00
Sebastiaan van Stijn
35cbdc9661
vendor: github.com/containerd/containerd v1.6.13
full diff: https://github.com/containerd/containerd/compare/v1.6.12...v1.6.13

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 19:34:46 +01:00
Sebastiaan van Stijn
9300aca2a6
vendor: github.com/Microsoft/hcsshim v0.9.6
full diff: https://github.com/Microsoft/hcsshim/compare/v0.9.5...v0.9.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 19:33:18 +01:00
Sebastiaan van Stijn
0007490b21
vendor: github.com/moby/swarmkit/v2 v2.0.0-20221215132206-0da442b2780f
No changes in vendored code, but removes some indirect dependencies.

full diff: b17f02f0a0...0da442b278

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-15 14:27:07 +01:00
Sebastiaan van Stijn
389dacd6e2
vendor: github.com/tinylib/msgp v1.1.6
This is a dependency of github.com/fluent/fluent-logger-golang, which
currently does not provide a go.mod, but tests against the latest
versions of its dependencies.

Updating this dependency to the latest version.

Notable changes:

- all: implement omitempty
- fix: JSON encoder may produce invalid utf-8 when provided invalid utf-8 message pack string.
- added Unwrap method to errWrapped plus tests; switched travis to go 1.14
- CopyToJSON: fix bitSize for floats
- Add Reader/Writer constructors with custom buffer
- Add missing bin header functions
- msgp/unsafe: bring code in line with unsafe guidelines
- msgp/msgp: fix ReadMapKeyZC (fix "Fail to decode string encoded as bin type")

full diff: https://github.com/tinylib/msgp/compare/v1.1.0...v1.1.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-12 11:35:03 +01:00
Sebastiaan van Stijn
24496fe097
vendor: github.com/philhofer/fwd v1.1.2
This is an (indirect) dependency of github.com/fluent/fluent-logger-golang,
which currently does not provide a go.mod, but tests against the latest
versions of its dependencies.

Updating this dependency to the latest version.

full diff: https://github.com/philhofer/fwd/compare/v1.0.0...v1.1.2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-12 11:34:18 +01:00
Sebastiaan van Stijn
77f9c550bd
Merge pull request #44605 from thaJeztah/bump_golang_net
vendor: golang.org/x/net v0.4.0
2022-12-09 00:03:14 +01:00
Sebastiaan van Stijn
12c76d4a15
vendor: github.com/containerd/containerd v1.6.12
no changes in vendored code, but containerd v1.6.12 is a security release,
so updating, to prevent scanners marking the dependency to have a vulnerability.

full diff: https://github.com/containerd/containerd/compare/v1.6.11...v1.6.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-08 00:42:46 +01:00
Sebastiaan van Stijn
4bbc37687e
vendor: golang.org/x/net v0.4.0
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed
in stdlib in go1.19.4 and go1.18.9;

> net/http: limit canonical header cache by bytes, not entries
>
> An attacker can cause excessive memory growth in a Go server accepting
> HTTP/2 requests.
>
> HTTP/2 server connections contain a cache of HTTP header keys sent by
> the client. While the total number of entries in this cache is capped,
> an attacker sending very large keys can cause the server to allocate
> approximately 64 MiB per open connection.
>
> This issue is also fixed in golang.org/x/net/http2 v0.4.0,
> for users manually configuring HTTP/2.

full diff: https://github.com/golang/net/compare/v0.2.0...v0.4.0

other dependency updates (due to circular dependencies):

- golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/v0.2.0...v0.3.0
- golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-07 22:25:49 +01:00
Sebastiaan van Stijn
d331bc3b03
vendor: github.com/containerd/containerd v1.6.11
- Fix nil pointer deference for Windows containers in CRI plugin
- Fix lease labels unexpectedly overwriting expiration
- Fix for simultaneous diff creation using the same parent snapshot

full diff: https://github.com/containerd/containerd/v1.6.10...v1.6.11

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-12-06 23:26:25 +01:00
Sebastiaan van Stijn
cc1884dc04
Merge pull request #44501 from tiborvass/immutable_radix
libnetwork: use go-immutable-radix instead of radix
2022-12-06 12:46:53 +01:00
Tibor Vass
eaa74497b8
libnetwork: use go-immutable-radix instead of radix
This commit allows to remove dependency on the mutable version armon/go-radix.

The go-immutable-radix package is better maintained.

It is likely that a bit more memory will be used when using the
immutable version, though discarded nodes are being reused in a pool.
These changes happen when networks are added/removed or nodes come and
go in a cluster, so we are still talking about a relatively low
frequency event.

The major changes compared to the old radix are when modifying (insert
or delete) a tree, and those are pretty self-contained: we replace the
entire immutable tree under a lock.

Signed-off-by: Tibor Vass <teabee89@gmail.com>
2022-11-30 17:03:46 -08:00
AdamKorcz
93fa093122
testing: move fuzzers over from OSS-Fuzz
Signed-off-by: AdamKorcz <adam@adalogics.com>
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-30 17:31:03 +01:00
Sebastiaan van Stijn
36a2dd36a0
Merge pull request #44554 from thaJeztah/remove_outdated_comment
vendor.mod: remove outdated comment about replaced module
2022-11-30 17:26:51 +01:00
Sebastiaan van Stijn
1907027b7b
Merge pull request #44520 from vvoland/disk-usage-singleflight
daemon/disk_usage: Use context aware singleflight
2022-11-30 13:39:55 +01:00
Sebastiaan van Stijn
6326ad1729
vendor.mod: remove outdated comment about replaced module
The replace was removed in 64f9ea1cf5, but I
forgot to remove the comment.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-30 11:11:13 +01:00
Paweł Gronowski
dec81e489f
daemon/disk_usage: Use context aware singleflight
The singleflight function was capturing the context.Context of the first
caller that invoked the `singleflight.Do`. This could cause all
concurrent calls to be cancelled when the first request is cancelled.

singleflight calls were also moved from the ImageService to Daemon, to
avoid having to implement this logic in both graphdriver and containerd
based image services.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
2022-11-29 16:46:19 +01:00
Sebastiaan van Stijn
c1a9e82d3e
vendor: google.golang.org/grpc v1.50.1
full diff: https://github.com/grpc/grpc-go/compare/v1.48.0...v1.50.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-26 14:20:00 +01:00
Sebastiaan van Stijn
dc52e08bb5
vendor: github.com/prometheus/client_golang v1.14.0
full diff: https://github.com/prometheus/client_golang/compare/v1.13.0...v1.14.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
b2fe29ba79
vendor: github.com/go-logr/logr v1.2.3
full diff: https://github.com/go-logr/logr/compare/v1.2.2...v1.2.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
7c1b7842c6
vendor: golang.org/x/crypto v0.2.0
- all: use math/bits.RotateLeft

full diff: https://github.com/golang/crypto/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
efe17dbdb4
vendor: golang.org/x/net v0.2.0
- http2/hpack: build static table with go generate

full diff: https://github.com/golang/net/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:16 +01:00
Sebastiaan van Stijn
0588a83380
vendor: github.com/opencontainers/runc v1.1.3
no changes in vendored code

full diff: https://github.com/opencontainers/runc/compare/v1.1.2...v1.1.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:15 +01:00
Sebastiaan van Stijn
38adf7a694
vendor: github.com/klauspost/compress v1.15.12
full diff: https://github.com/klauspost/compress/compare/v1.15.9...v1.15.12

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 17:57:15 +01:00
Sebastiaan van Stijn
e1058e6bc3
go.mod: golang_protobuf_extensions v1.0.4 - prevent incompatible versions
This module made a whoopsie, and updated to `google.golang.org/protobuf`
in a patch release, but `google.golang.org/protobuf` is not backward
compatible with `github.com/golang/protobuf`.

Updating the minimum version to v1.0.4 which corrects this, to prevent
users of containerd as a module from accidentally pulling in the wrong
version:

- v1.0.3 switched to use `google.golang.org/protobuf`; https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.2..v1.0.3
- This was reverted in v1.0.4 (which is the same as v1.0.2); https://github.com/matttproud/golang_protobuf_extensions/compare/v1.0.3..v1.0.4
- And a `v2` was created instead; https://github.com/matttproud/golang_protobuf_extensions/releases/tag/v2.0.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-25 15:18:24 +01:00
Sebastiaan van Stijn
64f9ea1cf5
vendor: github.com/moby/swarmkit/v2 v2.0.0-20221123162438-b17f02f0a054
full diff: 6341884e5f...b17f02f0a0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:30:18 +01:00
Sebastiaan van Stijn
a5898e3a2d
vendor: github.com/prometheus/client_golang v1.13.0
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:22:22 +01:00
Sebastiaan van Stijn
2cc6a86fd3
vendor: github.com/aws/aws-sdk-go v1.37.0
full diff: https://github.com/aws/aws-sdk-go/compare/v1.31.6...v1.37.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:20:40 +01:00
Sebastiaan van Stijn
8f1bc3a3b7
vendor: google.golang.org/grpc v1.48.0
full diff: https://github.com/grpc/grpc-go/compare/v1.47.0...v1.48.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:19:09 +01:00
Sebastiaan van Stijn
b0e20e1b3c
vendor: go.uber.org/zap v1.21.0
full diff: https://github.com/uber-go/zap/compare/v1.17.0...v1.21.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:41 +01:00
Sebastiaan van Stijn
066fb6c69e
vendor: go.uber.org/multierr v1.8.0
full diff: https://github.com/uber-go/multierr/compare/v1.6.0...v1.8.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:41 +01:00
Sebastiaan van Stijn
b41580d66e
vendor: go.uber.org/atomic v1.9.0
full diff: https://github.com/uber-go/atomic/compare/v1.7.0...v1.9.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:41 +01:00
Sebastiaan van Stijn
341c9e77a8
vendor: github.com/jmespath/go-jmespath v0.4.0
no code changes in vendored files

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:40 +01:00
Sebastiaan van Stijn
9a8b46518b
vendor: google.golang.org/genproto v0.0.0-20220706185917-7780775163c4
no changes in vendored files

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:16:31 +01:00
Sebastiaan van Stijn
1e48b64538
vendor: github.com/fernet/fernet-go v0.0.0-20211208181803-9f70042a33ee
Fixes a potential panic.

full diff: 9eac43b88a...9f70042a33

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:02:36 +01:00
Sebastiaan van Stijn
4113a88523
vendor: google.golang.org/protobuf v1.28.1
indirect dependency, but updating it in a separate commit

full diff: https://github.com/protocolbuffers/protobuf-go/compare/v1.28.0...v1.28.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 18:00:44 +01:00
Sebastiaan van Stijn
26c4429f7e
vendor: github.com/spf13/cobra v1.6.1
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-23 17:58:08 +01:00
Sebastiaan van Stijn
b7e92237c5
Merge pull request #44502 from thaJeztah/bump_moby_term
vendor: github.com/moby/term v0.0.0-20221120202655-abb19827d345
2022-11-23 17:55:30 +01:00
Sebastiaan van Stijn
61f266f660
vendor: github.com/moby/term v0.0.0-20221120202655-abb19827d345
no significant changes in vendored code, other than updating build-tags
for go1.17, but removes some dependencies from the module, which can
help with future updates;

full diff: 3f7ff695ad...abb19827d3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-20 21:36:38 +01:00
Sebastiaan van Stijn
30b0cb0cd4
vendor.mod: add comment about replaced dependency
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-18 17:26:55 +01:00
Sebastiaan van Stijn
62a4a45a72
vendor.mod: remove replace for github.com/rexray/gocsi
While this replace was needed in swarmkit itself, it looks like
it doesn't cause issues when removed in this repository, so
let's remove it here.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-18 17:22:41 +01:00
Sebastiaan van Stijn
a2d758acc9
vendor: github.com/armon/go-radix v1.0.1-0.20221118154546-54df44f2176c
Previously we had to use a replace rule, as later versions of this
module resulted in a panic. This issue was fixed in:
f30034d788

Which means we can remove the replace rule, and update the dependency.
No new release was tagged yet, so sticking to a "commit" for now.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-18 17:15:42 +01:00
Sebastiaan van Stijn
2799bbc562
Merge pull request #44467 from AkihiroSuda/rootlesskit-1.1.0
update RootlessKit to v1.1.0
2022-11-16 14:10:14 +01:00
Akihiro Suda
fd1912de97
Merge pull request #44461 from tao12345666333/vendor-containerd-v1.6.10
vendor: github.com/containerd/containerd v1.6.10
2022-11-16 09:59:00 +09:00
Sebastiaan van Stijn
a6cb8efd81
vendor: golang.org/x/oauth2 v0.1.0
The golang.org/x/ projects are now doing tagged releases.

Some notable changes:

- authhandler: Add support for PKCE
- Introduce new AuthenticationError type returned by errWrappingTokenSource.Token
- Add support to set JWT Audience in JWTConfigFromJSON()
- google/internal: Add AWS Session Token to Metadata Requests
- go.mod: update vulnerable net library
- google: add support for "impersonated_service_account" credential type.
- google/externalaccount: add support for workforce pool credentials

full diff: https://github.com/golang/oauth2/compare/2bc19b11175f...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-15 13:43:31 +01:00
Sebastiaan van Stijn
9d7bd47cb6
vendor: golang.org/x/crypto v0.1.0
The golang.org/x/ projects are now doing tagged releases.

full diff: https://github.com/golang/crypto/compare/3147a52a75dd...v0.1.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-15 13:43:28 +01:00
Akihiro Suda
08516af897
vendor: github.com/rootless-containers/rootlesskit v1.1.0
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
2022-11-15 20:43:09 +09:00
Jintao Zhang
4e5c3b82cb vendor: github.com/containerd/containerd v1.6.10
Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>
2022-11-15 15:11:05 +08:00
Sebastiaan van Stijn
06e4b7d1f8
vendor: github.com/moby/buildkit v0.10.6
full diff: https://github.com/moby/buildkit/compare/v0.10.5...v0.10.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-14 20:17:39 +01:00
Sebastiaan van Stijn
40908fca45
fix vendor.mod: add hashicorp/go-multierror as direct dependency
Starting with 2bdc7fb0a1, the
github.com/hashicorp/go-multierror module is a direct dependency.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2022-11-14 10:28:49 +01:00