Merge pull request #3773 from thaJeztah/20.10_backport_bump_golang_1.18.6

[20.10 backport] Update to go 1.18.6 to address CVE-2022-27664, CVE-2022-32190

.golangci.yml

@@ -5,12 +5,10 @@ linters:
     - dogsled
     - gocyclo
     - goimports
-    - golint
     - gosec
     - gosimple
     - govet
     - ineffassign
-    - interfacer
     - lll
     - megacheck
     - misspell
@@ -21,6 +19,7 @@ linters:
     - unconvert
     - unparam
     - unused
+    - revive
     - varcheck
 
   disable:
@@ -54,30 +53,65 @@ issues:
     - parameter .* always receives
 
   exclude-rules:
-    # These are copied from the default exclude rules, except for "ineffective break statement"
-    # and GoDoc checks.
-    # https://github.com/golangci/golangci-lint/blob/0cc87df732aaf1d5ad9ce9ca538d38d916918b36/pkg/config/config.go#L36
-    - text: "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*printf?|os\\.(Un)?Setenv). is not checked"
+    # We prefer to use an "exclude-list" so that new "default" exclusions are not
+    # automatically inherited. We can decide whether or not to follow upstream
+    # defaults when updating golang-ci-lint versions.
+    # Unfortunately, this means we have to copy the whole exclusion pattern, as
+    # (unlike the "include" option), the "exclude" option does not take exclusion
+    # ID's.
+    #
+    # These exclusion patterns are copied from the default excluses at:
+    # https://github.com/golangci/golangci-lint/blob/v1.44.0/pkg/config/issues.go#L10-L104
+
+    # EXC0001
+    - text: "Error return value of .((os\\.)?std(out|err)\\..*|.*Close|.*Flush|os\\.Remove(All)?|.*print(f|ln)?|os\\.(Un)?Setenv). is not checked"
       linters:
         - errcheck
+    # EXC0003
     - text: "func name will be used as test\\.Test.* by other packages, and that stutters; consider calling this"
       linters:
-        - golint
-    - text: "G103: Use of unsafe calls should be audited"
+        - revive
+    # EXC0006
+    - text: "Use of unsafe calls should be audited"
       linters:
         - gosec
-    - text: "G104: Errors unhandled"
+    # EXC0007
+    - text: "Subprocess launch(ed with variable|ing should be audited)"
       linters:
         - gosec
-    - text: "G204: Subprocess launch(ed with (variable|function call)|ing should be audited)"
+    # EXC0008
+    # TODO: evaluate these and fix where needed: G307: Deferring unsafe method "*os.File" on type "Close" (gosec)
+    - text: "(G104|G307)"
       linters:
         - gosec
-    - text: "(G301|G302): (Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)"
+    # EXC0009
+    - text: "(Expect directory permissions to be 0750 or less|Expect file permissions to be 0600 or less)"
       linters:
         - gosec
-    - text: "G304: Potential file inclusion via variable"
+    # EXC0010
+    - text: "Potential file inclusion via variable"
       linters:
         - gosec
-    - text: "(G201|G202): SQL string (formatting|concatenation)"
+
+    # Looks like the match in "EXC0007" above doesn't catch this one
+    # TODO: consider upstreaming this to golangci-lint's default exclusion rules
+    - text: "G204: Subprocess launched with a potential tainted input or cmd arguments"
       linters:
         - gosec
+    # Looks like the match in "EXC0009" above doesn't catch this one
+    # TODO: consider upstreaming this to golangci-lint's default exclusion rules
+    - text: "G306: Expect WriteFile permissions to be 0600 or less"
+      linters:
+        - gosec
+
+    # Exclude some linters from running on tests files.
+    - path: _test\.go
+      linters:
+        - errcheck
+        - gosec
+
+  # Maximum issues count per one linter. Set to 0 to disable. Default is 50.
+  max-issues-per-linter: 0
+
+  # Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
+  max-same-issues: 0

Dockerfile

@@ -1,7 +1,7 @@
-# syntax=docker/dockerfile:1.3
+# syntax=docker/dockerfile:1
 
 ARG BASE_VARIANT=alpine
-ARG GO_VERSION=1.17.9
+ARG GO_VERSION=1.18.6
 ARG XX_VERSION=1.1.0
 
 FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx

appveyor.yml

@@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli
 
 environment:
   GOPATH: c:\gopath
-  GOVERSION: 1.17.9
+  GOVERSION: 1.18.6
   DEPVERSION: v0.4.1
 
 install:

cli/command/config/formatter_test.go

@@ -19,13 +19,11 @@ func TestConfigContextFormatWrite(t *testing.T) {
 		// Errors
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{formatter.Context{Format: NewFormat("table", false)},

cli/command/config/inspect_test.go

@@ -36,7 +36,7 @@ func TestConfigInspectErrors(t *testing.T) {
 			flags: map[string]string{
 				"format": "{{invalid format}}",
 			},
-			expectedError: "Template parsing error",
+			expectedError: "template parsing error",
 		},
 		{
 			args: []string{"foo", "bar"},

cli/command/container/create.go

@@ -155,7 +155,7 @@ func (cid *cidFile) Close() error {
 		return nil
 	}
 	if err := os.Remove(cid.path); err != nil {
-		return errors.Errorf("failed to remove the CID file '%s': %s \n", cid.path, err)
+		return errors.Wrapf(err, "failed to remove the CID file '%s'", cid.path)
 	}
 
 	return nil
@@ -166,7 +166,7 @@ func (cid *cidFile) Write(id string) error {
 		return nil
 	}
 	if _, err := cid.file.Write([]byte(id)); err != nil {
-		return errors.Errorf("Failed to write the container ID to the file: %s", err)
+		return errors.Wrap(err, "failed to write the container ID to the file")
 	}
 	cid.written = true
 	return nil
@@ -177,12 +177,12 @@ func newCIDFile(path string) (*cidFile, error) {
 		return &cidFile{}, nil
 	}
 	if _, err := os.Stat(path); err == nil {
-		return nil, errors.Errorf("Container ID file found, make sure the other container isn't running or delete %s", path)
+		return nil, errors.Errorf("container ID file found, make sure the other container isn't running or delete %s", path)
 	}
 
 	f, err := os.Create(path)
 	if err != nil {
-		return nil, errors.Errorf("Failed to create the container ID file: %s", err)
+		return nil, errors.Wrap(err, "failed to create the container ID file")
 	}
 
 	return &cidFile{path: path, file: f}, nil

cli/command/container/create_test.go

@@ -39,7 +39,7 @@ func TestNewCIDFileWhenFileAlreadyExists(t *testing.T) {
 	defer tempfile.Remove()
 
 	_, err := newCIDFile(tempfile.Path())
-	assert.ErrorContains(t, err, "Container ID file found")
+	assert.ErrorContains(t, err, "container ID file found")
 }
 
 func TestCIDFileCloseWithNoWrite(t *testing.T) {

cli/command/container/formatter_stats.go

@@ -181,14 +181,14 @@ func (c *statsContext) ID() string {
 
 func (c *statsContext) CPUPerc() string {
 	if c.s.IsInvalid {
-		return fmt.Sprintf("--")
+		return "--"
 	}
 	return fmt.Sprintf("%.2f%%", c.s.CPUPercentage)
 }
 
 func (c *statsContext) MemUsage() string {
 	if c.s.IsInvalid {
-		return fmt.Sprintf("-- / --")
+		return "-- / --"
 	}
 	if c.os == winOSType {
 		return units.BytesSize(c.s.Memory)
@@ -198,28 +198,28 @@ func (c *statsContext) MemUsage() string {
 
 func (c *statsContext) MemPerc() string {
 	if c.s.IsInvalid || c.os == winOSType {
-		return fmt.Sprintf("--")
+		return "--"
 	}
 	return fmt.Sprintf("%.2f%%", c.s.MemoryPercentage)
 }
 
 func (c *statsContext) NetIO() string {
 	if c.s.IsInvalid {
-		return fmt.Sprintf("--")
+		return "--"
 	}
 	return fmt.Sprintf("%s / %s", units.HumanSizeWithPrecision(c.s.NetworkRx, 3), units.HumanSizeWithPrecision(c.s.NetworkTx, 3))
 }
 
 func (c *statsContext) BlockIO() string {
 	if c.s.IsInvalid {
-		return fmt.Sprintf("--")
+		return "--"
 	}
 	return fmt.Sprintf("%s / %s", units.HumanSizeWithPrecision(c.s.BlockRead, 3), units.HumanSizeWithPrecision(c.s.BlockWrite, 3))
 }
 
 func (c *statsContext) PIDs() string {
 	if c.s.IsInvalid || c.os == winOSType {
-		return fmt.Sprintf("--")
+		return "--"
 	}
 	return fmt.Sprintf("%d", c.s.PidsCurrent)
 }

cli/command/container/formatter_stats_test.go

@@ -54,13 +54,11 @@ func TestContainerStatsContextWrite(t *testing.T) {
 	}{
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		{
 			formatter.Context{Format: "table {{.MemUsage}}"},

cli/command/container/rm_test.go

@@ -14,13 +14,17 @@ import (
 )
 
 func TestRemoveForce(t *testing.T) {
-	var removed []string
+	var (
+		removed1 []string
+		removed2 []string
+	)
 
 	cli := test.NewFakeCli(&fakeClient{
 		containerRemoveFunc: func(ctx context.Context, container string, options types.ContainerRemoveOptions) error {
-			removed = append(removed, container)
+			removed1 = append(removed1, container)
+			removed2 = append(removed2, container)
 			if container == "nosuchcontainer" {
-				return errdefs.NotFound(fmt.Errorf("Error: No such container: " + container))
+				return errdefs.NotFound(fmt.Errorf("Error: no such container: " + container))
 			}
 			return nil
 		},
@@ -31,16 +35,16 @@ func TestRemoveForce(t *testing.T) {
 
 	t.Run("without force", func(t *testing.T) {
 		cmd.SetArgs([]string{"nosuchcontainer", "mycontainer"})
-		removed = []string{}
-		assert.ErrorContains(t, cmd.Execute(), "No such container")
-		sort.Strings(removed)
-		assert.DeepEqual(t, removed, []string{"mycontainer", "nosuchcontainer"})
+		removed1 = []string{}
+		assert.ErrorContains(t, cmd.Execute(), "no such container")
+		sort.Strings(removed1)
+		assert.DeepEqual(t, removed1, []string{"mycontainer", "nosuchcontainer"})
 	})
 	t.Run("with force", func(t *testing.T) {
 		cmd.SetArgs([]string{"--force", "nosuchcontainer", "mycontainer"})
-		removed = []string{}
+		removed2 = []string{}
 		assert.NilError(t, cmd.Execute())
-		sort.Strings(removed)
-		assert.DeepEqual(t, removed, []string{"mycontainer", "nosuchcontainer"})
+		sort.Strings(removed2)
+		assert.DeepEqual(t, removed2, []string{"mycontainer", "nosuchcontainer"})
 	})
 }

cli/command/formatter/container_test.go

@@ -130,13 +130,11 @@ func TestContainerContextWrite(t *testing.T) {
 		// Errors
 		{
 			Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table Format
 		{

cli/command/formatter/disk_usage_test.go

@@ -61,8 +61,7 @@ CACHE ID   CACHE TYPE   SIZE      CREATED   LAST USED   USAGE     SHARED
 					Format: "{{InvalidFunction}}",
 				},
 			},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			DiskUsageContext{
@@ -70,8 +69,7 @@ CACHE ID   CACHE TYPE   SIZE      CREATED   LAST USED   USAGE     SHARED
 					Format: "{{nil}}",
 				},
 			},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table Format
 		{

cli/command/formatter/formatter.go

@@ -64,7 +64,7 @@ func (c *Context) preFormat() {
 func (c *Context) parseFormat() (*template.Template, error) {
 	tmpl, err := templates.Parse(c.finalFormat)
 	if err != nil {
-		return tmpl, errors.Errorf("Template parsing error: %v\n", err)
+		return tmpl, errors.Wrap(err, "template parsing error")
 	}
 	return tmpl, err
 }
@@ -85,7 +85,7 @@ func (c *Context) postFormat(tmpl *template.Template, subContext SubContext) {
 
 func (c *Context) contextFormat(tmpl *template.Template, subContext SubContext) error {
 	if err := tmpl.Execute(c.buffer, subContext); err != nil {
-		return errors.Errorf("Template parsing error: %v\n", err)
+		return errors.Wrap(err, "template parsing error")
 	}
 	if c.Format.IsTable() && c.header != nil {
 		c.header = subContext.FullHeader()

cli/command/formatter/image_test.go

@@ -119,8 +119,7 @@ func TestImageContextWrite(t *testing.T) {
 					Format: "{{InvalidFunction}}",
 				},
 			},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			ImageContext{
@@ -128,8 +127,7 @@ func TestImageContextWrite(t *testing.T) {
 					Format: "{{nil}}",
 				},
 			},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table Format
 		{

cli/command/formatter/volume_test.go

@@ -62,13 +62,11 @@ func TestVolumeContextWrite(t *testing.T) {
 		// Errors
 		{
 			Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{

cli/command/image/build.go

@@ -297,7 +297,7 @@ func runBuild(dockerCli command.Cli, options buildOptions) error {
 		}
 
 		if err := build.ValidateContextDirectory(contextDir, excludes); err != nil {
-			return errors.Errorf("error checking context: '%s'.", err)
+			return errors.Wrap(err, "error checking context")
 		}
 
 		// And canonicalize dockerfile name to a platform-independent one

cli/command/inspect/inspector.go

@@ -44,7 +44,7 @@ func NewTemplateInspectorFromString(out io.Writer, tmplStr string) (Inspector, e
 
 	tmpl, err := templates.Parse(tmplStr)
 	if err != nil {
-		return nil, errors.Errorf("Template parsing error: %s", err)
+		return nil, errors.Errorf("template parsing error: %s", err)
 	}
 	return NewTemplateInspector(out, tmpl), nil
 }
@@ -94,7 +94,7 @@ func (i *TemplateInspector) Inspect(typedElement interface{}, rawElement []byte)
 	buffer := new(bytes.Buffer)
 	if err := i.tmpl.Execute(buffer, typedElement); err != nil {
 		if rawElement == nil {
-			return errors.Errorf("Template parsing error: %v", err)
+			return errors.Errorf("template parsing error: %v", err)
 		}
 		return i.tryRawInspectFallback(rawElement)
 	}
@@ -118,7 +118,7 @@ func (i *TemplateInspector) tryRawInspectFallback(rawElement []byte) error {
 
 	tmplMissingKey := i.tmpl.Option("missingkey=error")
 	if rawErr := tmplMissingKey.Execute(buffer, raw); rawErr != nil {
-		return errors.Errorf("Template parsing error: %v", rawErr)
+		return errors.Errorf("template parsing error: %v", rawErr)
 	}
 
 	i.buffer.Write(buffer.Bytes())

cli/command/inspect/inspector_test.go

@@ -62,7 +62,7 @@ func TestTemplateInspectorTemplateError(t *testing.T) {
 		t.Fatal("Expected error got nil")
 	}
 
-	if !strings.HasPrefix(err.Error(), "Template parsing error") {
+	if !strings.HasPrefix(err.Error(), "template parsing error") {
 		t.Fatalf("Expected template error, got %v", err)
 	}
 }
@@ -98,7 +98,7 @@ func TestTemplateInspectorRawFallbackError(t *testing.T) {
 		t.Fatal("Expected error got nil")
 	}
 
-	if !strings.HasPrefix(err.Error(), "Template parsing error") {
+	if !strings.HasPrefix(err.Error(), "template parsing error") {
 		t.Fatalf("Expected template error, got %v", err)
 	}
 }

cli/command/network/formatter_test.go

@@ -79,13 +79,11 @@ func TestNetworkContextWrite(t *testing.T) {
 		// Errors
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{

cli/command/node/formatter_test.go

@@ -62,15 +62,13 @@ func TestNodeContextWrite(t *testing.T) {
 
 		// Errors
 		{
-			context: formatter.Context{Format: "{{InvalidFunction}}"},
-			expected: `Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			context:     formatter.Context{Format: "{{InvalidFunction}}"},
+			expected:    `template parsing error: template: :1: function "InvalidFunction" not defined`,
 			clusterInfo: swarm.ClusterInfo{TLSInfo: swarm.TLSInfo{TrustRoot: "hi"}},
 		},
 		{
-			context: formatter.Context{Format: "{{nil}}"},
-			expected: `Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			context:     formatter.Context{Format: "{{nil}}"},
+			expected:    `template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 			clusterInfo: swarm.ClusterInfo{TLSInfo: swarm.TLSInfo{TrustRoot: "hi"}},
 		},
 		// Table format

cli/command/plugin/formatter_test.go

@@ -59,13 +59,11 @@ func TestPluginContextWrite(t *testing.T) {
 		// Errors
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{

cli/command/plugin/inspect_test.go

@@ -61,7 +61,7 @@ func TestInspectErrors(t *testing.T) {
 			flags: map[string]string{
 				"format": "{{invalid format}}",
 			},
-			expectedError: "Template parsing error",
+			expectedError: "template parsing error",
 		},
 	}
 

cli/command/plugin/list_test.go

@@ -41,7 +41,7 @@ func TestListErrors(t *testing.T) {
 			flags: map[string]string{
 				"format": "{{invalid format}}",
 			},
-			expectedError: "Template parsing error",
+			expectedError: "template parsing error",
 		},
 	}
 

cli/command/registry/formatter_search_test.go

@@ -112,13 +112,11 @@ func TestSearchContextWrite(t *testing.T) {
 		// Errors
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{

cli/command/secret/formatter_test.go

@@ -19,13 +19,11 @@ func TestSecretContextFormatWrite(t *testing.T) {
 		// Errors
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{formatter.Context{Format: NewFormat("table", false)},

cli/command/secret/inspect_test.go

@@ -36,7 +36,7 @@ func TestSecretInspectErrors(t *testing.T) {
 			flags: map[string]string{
 				"format": "{{invalid format}}",
 			},
-			expectedError: "Template parsing error",
+			expectedError: "template parsing error",
 		},
 		{
 			args: []string{"foo", "bar"},

cli/command/service/formatter_test.go

@@ -29,13 +29,11 @@ func TestServiceContextWrite(t *testing.T) {
 		// Errors
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{

cli/command/service/opts.go

@@ -914,7 +914,7 @@ func addServiceFlags(flags *pflag.FlagSet, opts *serviceOptions, defaultFlagValu
 }
 
 const (
-	flagCredentialSpec          = "credential-spec"
+	flagCredentialSpec          = "credential-spec" //nolint:gosec // ignore G101: Potential hardcoded credentials
 	flagPlacementPref           = "placement-pref"
 	flagPlacementPrefAdd        = "placement-pref-add"
 	flagPlacementPrefRemove     = "placement-pref-rm"

cli/command/stack/formatter/formatter_test.go

@@ -16,13 +16,11 @@ func TestStackContextWrite(t *testing.T) {
 		// Errors
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table format
 		{

cli/command/stack/list_test.go

@@ -33,7 +33,7 @@ func TestListErrors(t *testing.T) {
 			flags: map[string]string{
 				"format": "{{invalid format}}",
 			},
-			expectedError: "Template parsing error",
+			expectedError: "template parsing error",
 		},
 		{
 			serviceListFunc: func(options types.ServiceListOptions) ([]swarm.Service, error) {

cli/command/stack/loader/loader.go

@@ -28,6 +28,7 @@ func LoadComposefile(dockerCli command.Cli, opts options.Deploy) (*composetypes.
 	config, err := loader.Load(configDetails)
 	if err != nil {
 		if fpe, ok := err.(*loader.ForbiddenPropertiesError); ok {
+			//nolint:revive // ignore capitalization error; this error is intentionally formatted multi-line
 			return nil, errors.Errorf("Compose file contains unsupported options:\n\n%s\n",
 				propertyWarnings(fpe.Properties))
 		}

cli/command/stack/services_test.go

@@ -62,7 +62,7 @@ func TestStackServicesErrors(t *testing.T) {
 			serviceListFunc: func(options types.ServiceListOptions) ([]swarm.Service, error) {
 				return []swarm.Service{*Service()}, nil
 			},
-			expectedError: "Template parsing error",
+			expectedError: "template parsing error",
 		},
 	}
 

cli/command/system/info.go

@@ -506,7 +506,7 @@ func formatInfo(dockerCli command.Cli, info info, format string) error {
 	tmpl, err := templates.Parse(format)
 	if err != nil {
 		return cli.StatusError{StatusCode: 64,
-			Status: "Template parsing error: " + err.Error()}
+			Status: "template parsing error: " + err.Error()}
 	}
 	err = tmpl.Execute(dockerCli.Out(), info)
 	dockerCli.Out().Write([]byte{'\n'})

cli/command/system/info_test.go

@@ -394,7 +394,7 @@ func TestFormatInfo(t *testing.T) {
 		{
 			doc:           "syntax",
 			template:      "{{}",
-			expectedError: `Status: Template parsing error: template: :1: unexpected "}" in command, Code: 64`,
+			expectedError: `Status: template parsing error: template: :1: unexpected "}" in command, Code: 64`,
 		},
 		{
 			doc:           "syntax",

cli/command/system/version.go

@@ -235,7 +235,7 @@ func newVersionTemplate(templateFormat string) (*template.Template, error) {
 	tmpl := templates.New("version").Funcs(template.FuncMap{"getDetailsOrder": getDetailsOrder})
 	tmpl, err := tmpl.Parse(templateFormat)
 
-	return tmpl, errors.Wrap(err, "Template parsing error")
+	return tmpl, errors.Wrap(err, "template parsing error")
 }
 
 func getDetailsOrder(v types.ComponentVersion) []string {

cli/command/task/formatter_test.go

@@ -20,13 +20,11 @@ func TestTaskContextWrite(t *testing.T) {
 	}{
 		{
 			formatter.Context{Format: "{{InvalidFunction}}"},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{Format: "{{nil}}"},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		{
 			formatter.Context{Format: NewTaskFormat("table", true)},

cli/command/trust/formatter_test.go

@@ -95,15 +95,13 @@ func TestTrustTagContextWrite(t *testing.T) {
 			formatter.Context{
 				Format: "{{InvalidFunction}}",
 			},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{
 				Format: "{{nil}}",
 			},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table Format
 		{
@@ -191,15 +189,13 @@ func TestSignerInfoContextWrite(t *testing.T) {
 			formatter.Context{
 				Format: "{{InvalidFunction}}",
 			},
-			`Template parsing error: template: :1: function "InvalidFunction" not defined
-`,
+			`template parsing error: template: :1: function "InvalidFunction" not defined`,
 		},
 		{
 			formatter.Context{
 				Format: "{{nil}}",
 			},
-			`Template parsing error: template: :1:2: executing "" at <nil>: nil is not a command
-`,
+			`template parsing error: template: :1:2: executing "" at <nil>: nil is not a command`,
 		},
 		// Table Format
 		{

cli/command/volume/create.go

@@ -32,7 +32,7 @@ func newCreateCommand(dockerCli command.Cli) *cobra.Command {
 		RunE: func(cmd *cobra.Command, args []string) error {
 			if len(args) == 1 {
 				if options.name != "" {
-					return errors.Errorf("Conflicting options: either specify --name or provide positional arg, not both\n")
+					return errors.Errorf("conflicting options: either specify --name or provide positional arg, not both")
 				}
 				options.name = args[0]
 			}

cli/command/volume/create_test.go

@@ -26,7 +26,7 @@ func TestVolumeCreateErrors(t *testing.T) {
 			flags: map[string]string{
 				"name": "volumeName",
 			},
-			expectedError: "Conflicting options: either specify --name or provide positional arg, not both",
+			expectedError: "conflicting options: either specify --name or provide positional arg, not both",
 		},
 		{
 			args:          []string{"too", "many"},

cli/command/volume/inspect_test.go

@@ -35,7 +35,7 @@ func TestVolumeInspectErrors(t *testing.T) {
 			flags: map[string]string{
 				"format": "{{invalid format}}",
 			},
-			expectedError: "Template parsing error",
+			expectedError: "template parsing error",
 		},
 		{
 			args: []string{"foo", "bar"},

cli/compose/interpolation/interpolation.go

@@ -99,7 +99,7 @@ func newPathError(path Path, err error) error {
 		return nil
 	case *template.InvalidTemplateError:
 		return errors.Errorf(
-			"invalid interpolation format for %s: %#v. You may need to escape any $ with another $.",
+			"invalid interpolation format for %s: %#v; you may need to escape any $ with another $",
 			path, err.Template)
 	default:
 		return errors.Wrapf(err, "error while interpolating %s", path)

cli/compose/interpolation/interpolation_test.go

@@ -58,7 +58,7 @@ func TestInvalidInterpolation(t *testing.T) {
 		},
 	}
 	_, err := Interpolate(services, Options{LookupValue: defaultMapping})
-	assert.Error(t, err, `invalid interpolation format for servicea.image: "${". You may need to escape any $ with another $.`)
+	assert.Error(t, err, `invalid interpolation format for servicea.image: "${"; you may need to escape any $ with another $`)
 }
 
 func TestInterpolateWithDefaults(t *testing.T) {

cli/config/credentials/native_store.go

@@ -7,7 +7,7 @@ import (
 )
 
 const (
-	remoteCredentialsPrefix = "docker-credential-"
+	remoteCredentialsPrefix = "docker-credential-" //nolint:gosec // ignore G101: Potential hardcoded credentials
 	tokenUsername           = "<token>"
 )
 

contrib/completion/bash/docker

@@ -5485,6 +5485,23 @@ _docker_wait() {
 	_docker_container_wait
 }
 
+COMPOSE_PLUGIN_PATH=$(docker info --format '{{range .ClientInfo.Plugins}}{{if eq .Name "compose"}}{{.Path}}{{end}}{{end}}')
+
+_docker_compose() {
+	local completionCommand="__completeNoDesc"
+	local resultArray=($COMPOSE_PLUGIN_PATH $completionCommand compose)
+	for value in "${words[@]:2}"; do
+		if [ -z "$value" ]; then
+			resultArray+=( "''" )
+		else
+			resultArray+=( "$value" )
+		fi
+	done
+	local result=$(eval "${resultArray[*]}" 2> /dev/null | grep -v '^:[0-9]*$')
+
+	COMPREPLY=( $(compgen -W "${result}" -- "$current") )
+}
+
 _docker() {
 	local previous_extglob_setting=$(shopt -p extglob)
 	shopt -s extglob
@@ -5554,11 +5571,17 @@ _docker() {
 		wait
 	)
 
+	local known_plugin_commands=()
+
+	if [ -f "$COMPOSE_PLUGIN_PATH" ] ; then
+		known_plugin_commands+=("compose")
+	fi
+
 	local experimental_server_commands=(
 		checkpoint
 	)
 
-	local commands=(${management_commands[*]} ${top_level_commands[*]})
+	local commands=(${management_commands[*]} ${top_level_commands[*]} ${known_plugin_commands[*]})
 	[ -z "$DOCKER_HIDE_LEGACY_COMMANDS" ] && commands+=(${legacy_commands[*]})
 
 	# These options are valid as global options for all client commands

contrib/completion/zsh/_docker

@@ -2652,7 +2652,7 @@ __docker_commands() {
     then
         local -a lines
         lines=(${(f)"$(_call_program commands docker 2>&1)"})
-        _docker_subcommands=(${${${(M)${lines[$((${lines[(i)*Commands:]} + 1)),-1]}:# *}## #}/ ##/:})
+        _docker_subcommands=(${${${(M)${lines[$((${lines[(i)*Commands:]} + 1)),-1]}:# *}## #}/\*# ##/:})
         _docker_subcommands=($_docker_subcommands 'daemon:Enable daemon mode' 'help:Show help for a command')
         (( $#_docker_subcommands > 2 )) && _store_cache docker_subcommands _docker_subcommands
     fi

docker-bake.hcl

@@ -1,5 +1,5 @@
 variable "GO_VERSION" {
-    default = "1.17.9"
+    default = "1.18.6"
 }
 variable "VERSION" {
     default = ""

dockerfiles/Dockerfile.binary-native

@@ -1,4 +1,4 @@
-ARG GO_VERSION=1.17.9
+ARG GO_VERSION=1.18.6
 
 FROM    golang:${GO_VERSION}-alpine
 

dockerfiles/Dockerfile.dev

@@ -1,6 +1,6 @@
-# syntax=docker/dockerfile:1.3
+# syntax=docker/dockerfile:1
 
-ARG GO_VERSION=1.17.9
+ARG GO_VERSION=1.18.6
 
 FROM golang:${GO_VERSION}-alpine AS golang
 ENV  CGO_ENABLED=0

dockerfiles/Dockerfile.e2e

@@ -1,4 +1,4 @@
-ARG GO_VERSION=1.17.9
+ARG GO_VERSION=1.18.6
 
 # Use Debian based image as docker-compose requires glibc.
 FROM golang:${GO_VERSION}-buster

dockerfiles/Dockerfile.lint

@@ -1,16 +1,16 @@
-# syntax=docker/dockerfile:1.3
+# syntax=docker/dockerfile:1
 
-ARG GO_VERSION=1.17.9
-ARG GOLANGCI_LINTER_SHA="v1.21.0"
+ARG GO_VERSION=1.18.6
+ARG GOLANGCI_LINT_VERSION=v1.45.2
 
 FROM    golang:${GO_VERSION}-alpine AS build
 ENV     CGO_ENABLED=0
 RUN     apk add --no-cache git
-ARG     GOLANGCI_LINTER_SHA
+ARG     GOLANGCI_LINT_VERSION
 ARG     GO111MODULE=on
 RUN --mount=type=cache,target=/root/.cache/go-build \
     --mount=type=cache,target=/go/pkg/mod \
-        go get github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINTER_SHA}
+        go install github.com/golangci/golangci-lint/cmd/golangci-lint@${GOLANGCI_LINT_VERSION}
 
 FROM    golang:${GO_VERSION}-alpine AS lint
 ENV     GO111MODULE=off

docs/extend/legacy_plugins.md

@@ -77,7 +77,7 @@ The sections below provide an inexhaustive overview of available plugins.
 | [Local Persist Plugin](https://github.com/CWSpear/local-persist)                                   | A volume plugin that extends the default `local` driver's functionality by allowing you specify a mountpoint anywhere on the host, which enables the files to *always persist*, even if the volume is removed via `docker volume rm`.                                                                         |
 | [NetApp Plugin](https://github.com/NetApp/netappdvp) (nDVP)                                        | A volume plugin that provides direct integration with the Docker ecosystem for the NetApp storage portfolio. The nDVP package supports the provisioning and management of storage resources from the storage platform to Docker hosts, with a robust framework for adding additional platforms in the future. |
 | [Netshare plugin](https://github.com/ContainX/docker-volume-netshare)                              | A volume plugin that provides volume management for NFS 3/4, AWS EFS and CIFS file systems.                                                                                                                                                                                                                   |
-| [Nimble Storage Volume Plugin](https://connect.nimblestorage.com/community/app-integration/docker) | A volume plug-in that integrates with Nimble Storage Unified Flash Fabric arrays. The plug-in abstracts array volume capabilities to the Docker administrator to allow self-provisioning of secure multi-tenant volumes and clones.                                                                           |
+| [Nimble Storage Volume Plugin](https://scod.hpedev.io/docker_volume_plugins/hpe_nimble_storage/index.html) | A volume plug-in that integrates with Nimble Storage Unified Flash Fabric arrays. The plug-in abstracts array volume capabilities to the Docker administrator to allow self-provisioning of secure multi-tenant volumes and clones.                                                                           |
 | [OpenStorage Plugin](https://github.com/libopenstorage/openstorage)                                | A cluster-aware volume plugin that provides volume management for file and block storage solutions.  It implements a vendor neutral specification for implementing extensions such as CoS, encryption, and snapshots. It has example drivers based on FUSE, NFS, NBD and EBS to name a few.                   |
 | [Portworx Volume Plugin](https://github.com/portworx/px-dev)                                       | A volume plugin that turns any server into a scale-out converged compute/storage node, providing container granular storage and highly available volumes across any node, using a shared-nothing storage backend that works with any docker scheduler.                                                        |
 | [Quobyte Volume Plugin](https://github.com/quobyte/docker-volume)                                  | A volume plugin that connects Docker to [Quobyte](https://www.quobyte.com/containers)'s data center file system, a general-purpose scalable and fault-tolerant storage platform.                                                                                                                               |

templates/templates.go

@@ -20,7 +20,7 @@ var basicFunctions = template.FuncMap{
 	},
 	"split":    strings.Split,
 	"join":     strings.Join,
-	"title":    strings.Title,
+	"title":    strings.Title, //nolint:staticcheck // strings.Title is deprecated, but we only use it for ASCII, so replacing with golang.org/x/text is out of scope
 	"lower":    strings.ToLower,
 	"upper":    strings.ToUpper,
 	"pad":      padWithSpace,

vendor.conf

@@ -13,7 +13,7 @@ github.com/creack/pty                               2a38352e8b4d7ab6c336eef107e4
 github.com/davecgh/go-spew                          8991bc29aa16c548c550c7ff78260e27b9ab7c73 # v1.1.1
 github.com/docker/compose-on-kubernetes             1f9b5b8cb6aca13deee947511801cf89447c1bfe # v0.5.0
 github.com/docker/distribution                      b5ca020cfbe998e5af3457fda087444cf5116496 # v2.8.1
-github.com/docker/docker                            87a90dc786bda134c9eb02adbae2c6a7342fb7f6 # v20.10.14
+github.com/docker/docker                            a89b84221c8560e7a3dee2a653353429e7628424 # v20.10.17
 github.com/docker/docker-credential-helpers         fc9290adbcf1594e78910e2f0334090eaee0e1ee # v0.6.4
 github.com/docker/go                                d30aec9fd63c35133f8f79c3412ad91a3b08be06 # Contains a customized version of canonical/json and is used by Notary. The package is periodically rebased on current Go versions.
 github.com/docker/go-connections                    7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0
@@ -29,7 +29,7 @@ github.com/gogo/protobuf                            5628607bb4c51c3157aacc3a50f0
 github.com/golang/groupcache                        869f871628b6baa9cfbc11732cdf6546b17c1298
 github.com/golang/protobuf                          84668698ea25b64748563aa20726db66a6b8d299 # v1.3.5
 github.com/google/go-cmp                            3af367b6b30c263d47e8895973edcca9a49cf029 # v0.2.0
-github.com/google/gofuzz                            24818f796faf91cd76ec7bddd72458fbced7a6c1
+github.com/google/gofuzz                            f140a6486e521aad38f5917de355cbf147cc0496 # v1.0.0
 github.com/google/shlex                             e7afc7fbc51079733e9468cdfd1efcd7d196cd1d
 github.com/googleapis/gnostic                       7c663266750e7d82587642f65e60bc4083f1f84e # v0.2.0
 github.com/gorilla/mux                              98cb6bf42e086f6af920b965c38cacc07402d51b # v1.8.0
@@ -40,7 +40,7 @@ github.com/hashicorp/golang-lru                     7f827b33c0f158ec5dfbba01bb0b
 github.com/imdario/mergo                            1afb36080aec31e0d1528973ebe6721b191b0369 # v0.3.8
 github.com/inconshreveable/mousetrap                76626ae9c91c4f2a10f34cad8ce83ea42c93bb75 # v1.0.0
 github.com/jaguilar/vt100                           ad4c4a5743050fb7f88ce968dca9422f72a0e3f2 https://github.com/tonistiigi/vt100.git
-github.com/json-iterator/go                         0ff49de124c6f76f8494e194af75bde0f1a49a29 # 1.1.6
+github.com/json-iterator/go                         024077e996b048517130b21ea6bf12aa23055d3d # v1.1.12
 github.com/matttproud/golang_protobuf_extensions    c12348ce28de40eed0136aa2b644d0ee0650e56c # v1.0.1
 github.com/Microsoft/go-winio                       5b44b70ab3ab4d291a7c1d28afe7b4afeced0ed4 # v0.4.15
 github.com/Microsoft/hcsshim                        5bc557dd210ff2caf615e6e22d398123de77fc11 # v0.8.9
@@ -50,7 +50,7 @@ github.com/moby/buildkit                            8142d66b5ebde79846b869fba30d
 github.com/moby/sys                                 1bc8673b57550ddf85262eb0fed0aac651a37dab # symlink/v0.1.0 (latest tag, either mount/vXXX, mountinfo/vXXX or symlink/vXXX)
 github.com/moby/term                                3f7ff695adc6a35abc925370dd0a4dafb48ec64d
 github.com/modern-go/concurrent                     bacd9c7ef1dd9b15be4a9909b8ac7a4e313eec94 # 1.0.3
-github.com/modern-go/reflect2                       4b7aa43c6742a2c18fdef89dd197aaae7dac7ccd # 1.0.1
+github.com/modern-go/reflect2                       2b33151c9bbc5231aea69b8861c540102b087070 # v1.0.2
 github.com/morikuni/aec                             39771216ff4c63d11f5e604076f9c45e8be1067b # v1.0.0
 github.com/opencontainers/go-digest                 ea51bea511f75cfa3ef6098cc253c5c3609b037a # v1.0.0
 github.com/opencontainers/image-spec                67d2d5658fe0476ab9bf414cec164077ebff3920 # v1.0.2
@@ -77,7 +77,7 @@ golang.org/x/crypto                                 c1f2f97bffc9c53fc40a1a28a5b4
 golang.org/x/net                                    ab34263943818b32f575efc978a3d24e80b04bd7
 golang.org/x/oauth2                                 bf48bf16ab8d622ce64ec6ce98d2c98f916b6303
 golang.org/x/sync                                   cd5d95a43a6e21273425c7ae415d3df9ea832eeb
-golang.org/x/sys                                    b64e53b001e413bd5067f36d4e439eded3827374
+golang.org/x/sys                                    33da011f77ade50ff5b6a6fb4a9a1e6d6b285809
 golang.org/x/term                                   f5c789dd3221ff39d752ac54467d762de7cfbec6
 golang.org/x/text                                   23ae387dee1f90d29a23c0e87ee0b46038fbed0e # v0.3.3
 golang.org/x/time                                   555d28b269f0569763d25dbe1a237ae74c6bcc82

vendor/github.com/docker/docker/api/common_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package api // import "github.com/docker/docker/api"

vendor/github.com/docker/docker/api/types/container/hostconfig_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package container // import "github.com/docker/docker/api/types/container"

vendor/github.com/docker/docker/client/client_unix.go

@@ -1,3 +1,4 @@
+//go:build linux || freebsd || openbsd || netbsd || darwin || solaris || illumos || dragonfly
 // +build linux freebsd openbsd netbsd darwin solaris illumos dragonfly
 
 package client // import "github.com/docker/docker/client"

vendor/github.com/docker/docker/client/container_create.go

@@ -4,8 +4,8 @@ import (
 	"context"
 	"encoding/json"
 	"net/url"
+	"path"
 
-	"github.com/containerd/containerd/platforms"
 	"github.com/docker/docker/api/types/container"
 	"github.com/docker/docker/api/types/network"
 	"github.com/docker/docker/api/types/versions"
@@ -16,7 +16,6 @@ type configWrapper struct {
 	*container.Config
 	HostConfig       *container.HostConfig
 	NetworkingConfig *network.NetworkingConfig
-	Platform         *specs.Platform
 }
 
 // ContainerCreate creates a new container based in the given configuration.
@@ -38,8 +37,8 @@ func (cli *Client) ContainerCreate(ctx context.Context, config *container.Config
 	}
 
 	query := url.Values{}
-	if platform != nil {
-		query.Set("platform", platforms.Format(*platform))
+	if p := formatPlatform(platform); p != "" {
+		query.Set("platform", p)
 	}
 
 	if containerName != "" {
@@ -61,3 +60,15 @@ func (cli *Client) ContainerCreate(ctx context.Context, config *container.Config
 	err = json.NewDecoder(serverResp.body).Decode(&response)
 	return response, err
 }
+
+// formatPlatform returns a formatted string representing platform (e.g. linux/arm/v7).
+//
+// Similar to containerd's platforms.Format(), but does allow components to be
+// omitted (e.g. pass "architecture" only, without "os":
+// https://github.com/containerd/containerd/blob/v1.5.2/platforms/platforms.go#L243-L263
+func formatPlatform(platform *specs.Platform) string {
+	if platform == nil {
+		return ""
+	}
+	return path.Join(platform.OS, platform.Architecture, platform.Variant)
+}

vendor/github.com/docker/docker/errdefs/http_helpers.go

@@ -1,78 +1,11 @@
 package errdefs // import "github.com/docker/docker/errdefs"
 
 import (
-	"fmt"
 	"net/http"
 
-	containerderrors "github.com/containerd/containerd/errdefs"
-	"github.com/docker/distribution/registry/api/errcode"
 	"github.com/sirupsen/logrus"
-	"google.golang.org/grpc/codes"
-	"google.golang.org/grpc/status"
 )
 
-// GetHTTPErrorStatusCode retrieves status code from error message.
-func GetHTTPErrorStatusCode(err error) int {
-	if err == nil {
-		logrus.WithFields(logrus.Fields{"error": err}).Error("unexpected HTTP error handling")
-		return http.StatusInternalServerError
-	}
-
-	var statusCode int
-
-	// Stop right there
-	// Are you sure you should be adding a new error class here? Do one of the existing ones work?
-
-	// Note that the below functions are already checking the error causal chain for matches.
-	switch {
-	case IsNotFound(err):
-		statusCode = http.StatusNotFound
-	case IsInvalidParameter(err):
-		statusCode = http.StatusBadRequest
-	case IsConflict(err):
-		statusCode = http.StatusConflict
-	case IsUnauthorized(err):
-		statusCode = http.StatusUnauthorized
-	case IsUnavailable(err):
-		statusCode = http.StatusServiceUnavailable
-	case IsForbidden(err):
-		statusCode = http.StatusForbidden
-	case IsNotModified(err):
-		statusCode = http.StatusNotModified
-	case IsNotImplemented(err):
-		statusCode = http.StatusNotImplemented
-	case IsSystem(err) || IsUnknown(err) || IsDataLoss(err) || IsDeadline(err) || IsCancelled(err):
-		statusCode = http.StatusInternalServerError
-	default:
-		statusCode = statusCodeFromGRPCError(err)
-		if statusCode != http.StatusInternalServerError {
-			return statusCode
-		}
-		statusCode = statusCodeFromContainerdError(err)
-		if statusCode != http.StatusInternalServerError {
-			return statusCode
-		}
-		statusCode = statusCodeFromDistributionError(err)
-		if statusCode != http.StatusInternalServerError {
-			return statusCode
-		}
-		if e, ok := err.(causer); ok {
-			return GetHTTPErrorStatusCode(e.Cause())
-		}
-
-		logrus.WithFields(logrus.Fields{
-			"module":     "api",
-			"error_type": fmt.Sprintf("%T", err),
-		}).Debugf("FIXME: Got an API for which error does not match any expected type!!!: %+v", err)
-	}
-
-	if statusCode == 0 {
-		statusCode = http.StatusInternalServerError
-	}
-
-	return statusCode
-}
-
 // FromStatusCode creates an errdef error, based on the provided HTTP status-code
 func FromStatusCode(err error, statusCode int) error {
 	if err == nil {
@@ -100,10 +33,10 @@ func FromStatusCode(err error, statusCode int) error {
 			err = System(err)
 		}
 	default:
-		logrus.WithFields(logrus.Fields{
+		logrus.WithError(err).WithFields(logrus.Fields{
 			"module":      "api",
-			"status_code": fmt.Sprintf("%d", statusCode),
-		}).Debugf("FIXME: Got an status-code for which error does not match any expected type!!!: %d", statusCode)
+			"status_code": statusCode,
+		}).Debug("FIXME: Got an status-code for which error does not match any expected type!!!")
 
 		switch {
 		case statusCode >= 200 && statusCode < 400:
@@ -118,74 +51,3 @@ func FromStatusCode(err error, statusCode int) error {
 	}
 	return err
 }
-
-// statusCodeFromGRPCError returns status code according to gRPC error
-func statusCodeFromGRPCError(err error) int {
-	switch status.Code(err) {
-	case codes.InvalidArgument: // code 3
-		return http.StatusBadRequest
-	case codes.NotFound: // code 5
-		return http.StatusNotFound
-	case codes.AlreadyExists: // code 6
-		return http.StatusConflict
-	case codes.PermissionDenied: // code 7
-		return http.StatusForbidden
-	case codes.FailedPrecondition: // code 9
-		return http.StatusBadRequest
-	case codes.Unauthenticated: // code 16
-		return http.StatusUnauthorized
-	case codes.OutOfRange: // code 11
-		return http.StatusBadRequest
-	case codes.Unimplemented: // code 12
-		return http.StatusNotImplemented
-	case codes.Unavailable: // code 14
-		return http.StatusServiceUnavailable
-	default:
-		// codes.Canceled(1)
-		// codes.Unknown(2)
-		// codes.DeadlineExceeded(4)
-		// codes.ResourceExhausted(8)
-		// codes.Aborted(10)
-		// codes.Internal(13)
-		// codes.DataLoss(15)
-		return http.StatusInternalServerError
-	}
-}
-
-// statusCodeFromDistributionError returns status code according to registry errcode
-// code is loosely based on errcode.ServeJSON() in docker/distribution
-func statusCodeFromDistributionError(err error) int {
-	switch errs := err.(type) {
-	case errcode.Errors:
-		if len(errs) < 1 {
-			return http.StatusInternalServerError
-		}
-		if _, ok := errs[0].(errcode.ErrorCoder); ok {
-			return statusCodeFromDistributionError(errs[0])
-		}
-	case errcode.ErrorCoder:
-		return errs.ErrorCode().Descriptor().HTTPStatusCode
-	}
-	return http.StatusInternalServerError
-}
-
-// statusCodeFromContainerdError returns status code for containerd errors when
-// consumed directly (not through gRPC)
-func statusCodeFromContainerdError(err error) int {
-	switch {
-	case containerderrors.IsInvalidArgument(err):
-		return http.StatusBadRequest
-	case containerderrors.IsNotFound(err):
-		return http.StatusNotFound
-	case containerderrors.IsAlreadyExists(err):
-		return http.StatusConflict
-	case containerderrors.IsFailedPrecondition(err):
-		return http.StatusPreconditionFailed
-	case containerderrors.IsUnavailable(err):
-		return http.StatusServiceUnavailable
-	case containerderrors.IsNotImplemented(err):
-		return http.StatusNotImplemented
-	default:
-		return http.StatusInternalServerError
-	}
-}

vendor/github.com/docker/docker/pkg/archive/archive_other.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package archive // import "github.com/docker/docker/pkg/archive"

vendor/github.com/docker/docker/pkg/archive/archive_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package archive // import "github.com/docker/docker/pkg/archive"

vendor/github.com/docker/docker/pkg/archive/changes_other.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package archive // import "github.com/docker/docker/pkg/archive"

vendor/github.com/docker/docker/pkg/archive/changes_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package archive // import "github.com/docker/docker/pkg/archive"

vendor/github.com/docker/docker/pkg/archive/copy_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package archive // import "github.com/docker/docker/pkg/archive"

vendor/github.com/docker/docker/pkg/archive/time_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package archive // import "github.com/docker/docker/pkg/archive"

vendor/github.com/docker/docker/pkg/fileutils/fileutils_unix.go

@@ -1,3 +1,4 @@
+//go:build linux || freebsd
 // +build linux freebsd
 
 package fileutils // import "github.com/docker/docker/pkg/fileutils"

vendor/github.com/docker/docker/pkg/homedir/homedir_others.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package homedir // import "github.com/docker/docker/pkg/homedir"

vendor/github.com/docker/docker/pkg/homedir/homedir_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package homedir // import "github.com/docker/docker/pkg/homedir"

vendor/github.com/docker/docker/pkg/idtools/idtools_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package idtools // import "github.com/docker/docker/pkg/idtools"

vendor/github.com/docker/docker/pkg/idtools/usergroupadd_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package idtools // import "github.com/docker/docker/pkg/idtools"

vendor/github.com/docker/docker/pkg/idtools/utils_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package idtools // import "github.com/docker/docker/pkg/idtools"

vendor/github.com/docker/docker/pkg/ioutils/temp_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package ioutils // import "github.com/docker/docker/pkg/ioutils"

vendor/github.com/docker/docker/pkg/signal/signal_linux.go

@@ -1,3 +1,4 @@
+//go:build !mips && !mipsle && !mips64 && !mips64le
 // +build !mips,!mipsle,!mips64,!mips64le
 
 package signal // import "github.com/docker/docker/pkg/signal"

vendor/github.com/docker/docker/pkg/signal/signal_linux_mipsx.go

@@ -1,3 +1,4 @@
+//go:build linux && (mips || mipsle || mips64 || mips64le)
 // +build linux
 // +build mips mipsle mips64 mips64le
 

vendor/github.com/docker/docker/pkg/signal/signal_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package signal // import "github.com/docker/docker/pkg/signal"

vendor/github.com/docker/docker/pkg/signal/signal_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux && !darwin && !freebsd && !windows
 // +build !linux,!darwin,!freebsd,!windows
 
 package signal // import "github.com/docker/docker/pkg/signal"

vendor/github.com/docker/docker/pkg/system/chtimes_nowindows.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/filesys_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/lcow.go

@@ -1,3 +1,4 @@
+//go:build windows && !no_lcow
 // +build windows,!no_lcow
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/lcow_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !windows || (windows && no_lcow)
 // +build !windows windows,no_lcow
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/lstat_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/meminfo_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux && !windows
 // +build !linux,!windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/mknod.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package system // import "github.com/docker/docker/pkg/system"
@@ -6,12 +7,6 @@ import (
 	"golang.org/x/sys/unix"
 )
 
-// Mknod creates a filesystem node (file, device special file or named pipe) named path
-// with attributes specified by mode and dev.
-func Mknod(path string, mode uint32, dev int) error {
-	return unix.Mknod(path, mode, dev)
-}
-
 // Mkdev is used to build the value of linux devices (in /dev/) which specifies major
 // and minor number of the newly created device special file.
 // Linux device nodes are a bit weird due to backwards compat with 16 bit device nodes.

vendor/github.com/docker/docker/pkg/system/mknod_freebsd.go

@@ -0,0 +1,14 @@
+//go:build freebsd
+// +build freebsd
+
+package system // import "github.com/docker/docker/pkg/system"
+
+import (
+	"golang.org/x/sys/unix"
+)
+
+// Mknod creates a filesystem node (file, device special file or named pipe) named path
+// with attributes specified by mode and dev.
+func Mknod(path string, mode uint32, dev int) error {
+	return unix.Mknod(path, mode, uint64(dev))
+}

vendor/github.com/docker/docker/pkg/system/mknod_unix.go

@@ -0,0 +1,14 @@
+//go:build !freebsd && !windows
+// +build !freebsd,!windows
+
+package system // import "github.com/docker/docker/pkg/system"
+
+import (
+	"golang.org/x/sys/unix"
+)
+
+// Mknod creates a filesystem node (file, device special file or named pipe) named path
+// with attributes specified by mode and dev.
+func Mknod(path string, mode uint32, dev int) error {
+	return unix.Mknod(path, mode, dev)
+}

vendor/github.com/docker/docker/pkg/system/path_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/process_unix.go

@@ -1,3 +1,4 @@
+//go:build linux || freebsd || darwin
 // +build linux freebsd darwin
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/rm.go

@@ -1,3 +1,4 @@
+//go:build !darwin && !windows
 // +build !darwin,!windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/stat_bsd.go

@@ -1,3 +1,4 @@
+//go:build freebsd || netbsd
 // +build freebsd netbsd
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/stat_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/syscall_unix.go

@@ -1,3 +1,4 @@
+//go:build linux || freebsd
 // +build linux freebsd
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/umask.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/utimes_unix.go

@@ -1,3 +1,4 @@
+//go:build linux || freebsd
 // +build linux freebsd
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/utimes_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux && !freebsd
 // +build !linux,!freebsd
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/pkg/system/xattrs_unsupported.go

@@ -1,3 +1,4 @@
+//go:build !linux
 // +build !linux
 
 package system // import "github.com/docker/docker/pkg/system"

vendor/github.com/docker/docker/registry/config_unix.go

@@ -1,3 +1,4 @@
+//go:build !windows
 // +build !windows
 
 package registry // import "github.com/docker/docker/registry"

vendor/github.com/docker/docker/vendor.conf

@@ -1,5 +1,5 @@
 github.com/Azure/go-ansiterm                        d6e3b3328b783f23731bc4d058875b0371ff8109
-github.com/Microsoft/hcsshim                        64a2b71405dacf76c95600f4c756a991ad09cf7c # moby branch
+github.com/Microsoft/hcsshim                        a11a2c44e8a4aa9d66314b1d759ef582df5ab5e8 # moby branch
 github.com/Microsoft/go-winio                       7e149e8c70409f36773c1b2cf3447a7ab7697368 # v0.4.20
 github.com/docker/libtrust                          9cbd2a1374f46905c68a4eb3694a130610adc62a
 github.com/golang/gddo                              72a348e765d293ed6d1ded7b699591f14d6cd921
@@ -20,7 +20,7 @@ github.com/creack/pty                               2a38352e8b4d7ab6c336eef107e4
 github.com/sirupsen/logrus                          6699a89a232f3db797f2e280639854bbc4b89725 # v1.7.0
 github.com/tchap/go-patricia                        a7f0089c6f496e8e70402f61733606daa326cac5 # v2.3.0
 golang.org/x/net                                    ab34263943818b32f575efc978a3d24e80b04bd7
-golang.org/x/sys                                    b64e53b001e413bd5067f36d4e439eded3827374
+golang.org/x/sys                                    33da011f77ade50ff5b6a6fb4a9a1e6d6b285809
 github.com/docker/go-units                          519db1ee28dcc9fd2474ae59fca29a810482bfb1 # v0.4.0
 github.com/docker/go-connections                    7395e3f8aa162843a74ed6d48e79627d9792ac55 # v0.4.0
 golang.org/x/text                                   23ae387dee1f90d29a23c0e87ee0b46038fbed0e # v0.3.3
@@ -47,7 +47,7 @@ github.com/grpc-ecosystem/go-grpc-middleware        3c51f7f332123e8be5a157c0802a
 # libnetwork
 
 # When updating, also update LIBNETWORK_COMMIT in hack/dockerfile/install/proxy.installer accordingly
-github.com/docker/libnetwork                        64b7a4574d1426139437d20e81c0b6d391130ec8
+github.com/docker/libnetwork                        f6ccccb1c082a432c2a5814aaedaca56af33d9ea
 github.com/docker/go-events                         e31b211e4f1cd09aa76fe4ac244571fab96ae47f
 github.com/armon/go-radix                           e39d623f12e8e41c7b5529e9a9dd67a1e2261f80
 github.com/armon/go-metrics                         eb0af217e5e9747e41dd5303755356b62d28e3ec
@@ -78,7 +78,7 @@ github.com/modern-go/concurrent                     bacd9c7ef1dd9b15be4a9909b8ac
 github.com/modern-go/reflect2                       94122c33edd36123c84d5368cfb2b69df93a0ec8 # v1.0.1
 
 # get graph and distribution packages
-github.com/docker/distribution                      dcf66392d606f50bf3a9286dcb4bdcdfb7c0e83a # v2.8.0
+github.com/docker/distribution                      b5ca020cfbe998e5af3457fda087444cf5116496 # v2.8.1
 github.com/vbatts/tar-split                         620714a4c508c880ac1bdda9c8370a2b19af1a55 # v0.11.1
 github.com/opencontainers/go-digest                 ea51bea511f75cfa3ef6098cc253c5c3609b037a # v1.0.0
 
@@ -135,16 +135,16 @@ google.golang.org/genproto                          3f1135a288c9a07e340ae8ba4cc6
 github.com/containerd/containerd                    7cfa023d95d37076d5ab035003d4839f4b6ba791 https://github.com/moby/containerd.git # master (v1.5.0-dev) + patch for CVE-2021-41190 and CVE-2022-24769
 github.com/containerd/fifo                          0724c46b320cf96bb172a0550c19a4b1fca4dacb
 github.com/containerd/continuity                    efbc4488d8fe1bdc16bde3b2d2990d9b3a899165
-github.com/containerd/cgroups                       0b889c03f102012f1d93a97ddd3ef71cd6f4f510
+github.com/containerd/cgroups                       b9de8a2212026c07cec67baf3323f1fc0121e048 # v1.0.1 
 github.com/containerd/console                       5d7e1412f07b502a01029ea20e20e0d2be31fa7c # v1.0.1
 github.com/containerd/go-runc                       16b287bc67d069a60fa48db15f330b790b74365b
 github.com/containerd/typeurl                       cd3ce7159eae562a4f60ceff37dada11a939d247 # v1.0.1
 github.com/containerd/ttrpc                         bfba540dc45464586c106b1f31c8547933c1eb41 # v1.0.2
 github.com/gogo/googleapis                          01e0f9cca9b92166042241267ee2a5cdf5cff46c # v1.3.2
-github.com/cilium/ebpf                              1c8d4c9ef7759622653a1d319284a44652333b28
+github.com/cilium/ebpf                              32458a752e0bcbc670691625f84e7ef6aef5655d # v0.4.0
 
 # cluster
-github.com/docker/swarmkit                          286f4575a2d2853c1574e1be10eb1a2450692dfc # bump_20.10
+github.com/docker/swarmkit                          cf1e0f8d95ee37ea1f9a5f8a54c73c1e0fa58a54 # bump_20.10
 github.com/gogo/protobuf                            5628607bb4c51c3157aacc3a50f0ab707582b805 # v1.3.1
 github.com/golang/protobuf                          84668698ea25b64748563aa20726db66a6b8d299 # v1.3.5
 github.com/cloudflare/cfssl                         5d63dbd981b5c408effbb58c442d54761ff94fbd # 1.3.2

vendor/github.com/google/gofuzz/go.mod

@@ -0,0 +1,3 @@
+module github.com/google/gofuzz
+
+go 1.12

vendor/github.com/json-iterator/go/README.md

@@ -1,5 +1,5 @@
 [![Sourcegraph](https://sourcegraph.com/github.com/json-iterator/go/-/badge.svg)](https://sourcegraph.com/github.com/json-iterator/go?badge)
-[![GoDoc](http://img.shields.io/badge/go-documentation-blue.svg?style=flat-square)](http://godoc.org/github.com/json-iterator/go)
+[![GoDoc](http://img.shields.io/badge/go-documentation-blue.svg?style=flat-square)](https://pkg.go.dev/github.com/json-iterator/go)
 [![Build Status](https://travis-ci.org/json-iterator/go.svg?branch=master)](https://travis-ci.org/json-iterator/go)
 [![codecov](https://codecov.io/gh/json-iterator/go/branch/master/graph/badge.svg)](https://codecov.io/gh/json-iterator/go)
 [![rcard](https://goreportcard.com/badge/github.com/json-iterator/go)](https://goreportcard.com/report/github.com/json-iterator/go)
@@ -8,8 +8,6 @@
 
 A high-performance 100% compatible drop-in replacement of "encoding/json"
 
-You can also use thrift like JSON using [thrift-iterator](https://github.com/thrift-iterator/go)
-
 # Benchmark
 
 ![benchmark](http://jsoniter.com/benchmarks/go-benchmark.png)
@@ -18,16 +16,16 @@ Source code: https://github.com/json-iterator/go-benchmark/blob/master/src/githu
 
 Raw Result (easyjson requires static code generation)
 
-| | ns/op | allocation bytes | allocation times |
-| --- | --- | --- | --- |
-| std decode | 35510 ns/op | 1960 B/op | 99 allocs/op |
-| easyjson decode | 8499 ns/op | 160 B/op | 4 allocs/op |
-| jsoniter decode | 5623 ns/op | 160 B/op | 3 allocs/op |
-| std encode | 2213 ns/op | 712 B/op | 5 allocs/op |
-| easyjson encode | 883 ns/op | 576 B/op | 3 allocs/op |
-| jsoniter encode | 837 ns/op | 384 B/op | 4 allocs/op |
+|                 | ns/op       | allocation bytes | allocation times |
+| --------------- | ----------- | ---------------- | ---------------- |
+| std decode      | 35510 ns/op | 1960 B/op        | 99 allocs/op     |
+| easyjson decode | 8499 ns/op  | 160 B/op         | 4 allocs/op      |
+| jsoniter decode | 5623 ns/op  | 160 B/op         | 3 allocs/op      |
+| std encode      | 2213 ns/op  | 712 B/op         | 5 allocs/op      |
+| easyjson encode | 883 ns/op   | 576 B/op         | 3 allocs/op      |
+| jsoniter encode | 837 ns/op   | 384 B/op         | 4 allocs/op      |
 
-Always benchmark with your own workload. 
+Always benchmark with your own workload.
 The result depends heavily on the data input.
 
 # Usage
@@ -41,10 +39,10 @@ import "encoding/json"
 json.Marshal(&data)
 ```
 
-with 
+with
 
 ```go
-import "github.com/json-iterator/go"
+import jsoniter "github.com/json-iterator/go"
 
 var json = jsoniter.ConfigCompatibleWithStandardLibrary
 json.Marshal(&data)
@@ -60,7 +58,7 @@ json.Unmarshal(input, &data)
 with
 
 ```go
-import "github.com/json-iterator/go"
+import jsoniter "github.com/json-iterator/go"
 
 var json = jsoniter.ConfigCompatibleWithStandardLibrary
 json.Unmarshal(input, &data)
@@ -78,10 +76,10 @@ go get github.com/json-iterator/go
 
 Contributors
 
-* [thockin](https://github.com/thockin) 
-* [mattn](https://github.com/mattn)
-* [cch123](https://github.com/cch123)
-* [Oleg Shaldybin](https://github.com/olegshaldybin)
-* [Jason Toffaletti](https://github.com/toffaletti)
+- [thockin](https://github.com/thockin)
+- [mattn](https://github.com/mattn)
+- [cch123](https://github.com/cch123)
+- [Oleg Shaldybin](https://github.com/olegshaldybin)
+- [Jason Toffaletti](https://github.com/toffaletti)
 
 Report issue or pull request, or email taowen@gmail.com, or [![Gitter chat](https://badges.gitter.im/gitterHQ/gitter.png)](https://gitter.im/json-iterator/Lobby)

vendor/github.com/json-iterator/go/adapter.go

@@ -16,7 +16,7 @@ func Unmarshal(data []byte, v interface{}) error {
 	return ConfigDefault.Unmarshal(data, v)
 }
 
-// UnmarshalFromString convenient method to read from string instead of []byte
+// UnmarshalFromString is a convenient method to read from string instead of []byte
 func UnmarshalFromString(str string, v interface{}) error {
 	return ConfigDefault.UnmarshalFromString(str, v)
 }

vendor/github.com/json-iterator/go/any_str.go

@@ -64,7 +64,6 @@ func (any *stringAny) ToInt64() int64 {
 
 	flag := 1
 	startPos := 0
-	endPos := 0
 	if any.val[0] == '+' || any.val[0] == '-' {
 		startPos = 1
 	}
@@ -73,6 +72,7 @@ func (any *stringAny) ToInt64() int64 {
 		flag = -1
 	}
 
+	endPos := startPos
 	for i := startPos; i < len(any.val); i++ {
 		if any.val[i] >= '0' && any.val[i] <= '9' {
 			endPos = i + 1
@@ -98,7 +98,6 @@ func (any *stringAny) ToUint64() uint64 {
 	}
 
 	startPos := 0
-	endPos := 0
 
 	if any.val[0] == '-' {
 		return 0
@@ -107,6 +106,7 @@ func (any *stringAny) ToUint64() uint64 {
 		startPos = 1
 	}
 
+	endPos := startPos
 	for i := startPos; i < len(any.val); i++ {
 		if any.val[i] >= '0' && any.val[i] <= '9' {
 			endPos = i + 1