From 5945ea8e1b003cddf4f9760412241215a42f8fc8 Mon Sep 17 00:00:00 2001 From: Renovate Bot Date: Thu, 14 May 2026 20:01:30 +0000 Subject: [PATCH] chore(deps): update module github.com/go-git/go-git/v5 to v5.19.0 --- go.mod | 18 +- go.sum | 36 +- vendor/coopcloud.tech/tagcmp/.drone.yml | 6 +- .../github.com/docker/distribution/Dockerfile | 2 +- .../github.com/go-git/go-billy/v5/README.md | 4 + .../go-billy/v5/helper/chroot/chroot.go | 208 +++++++++- .../github.com/go-git/go-billy/v5/osfs/os.go | 5 + .../go-git/go-billy/v5/osfs/os_bound.go | 100 ++++- .../go-git/go-billy/v5/osfs/os_chroot.go | 10 + .../go-git/go-billy/v5/util/util.go | 43 +- .../go-git/v5/plumbing/object/commit.go | 207 +++++----- .../v5/plumbing/object/commit_scanner.go | 377 ++++++++++++++++++ .../go-git/v5/plumbing/object/signature.go | 122 +++++- .../go-git/go-git/v5/plumbing/object/tag.go | 135 ++++--- .../go-git/v5/plumbing/object/tag_scanner.go | 237 +++++++++++ .../go-git/go-git/v5/plumbing/object/tree.go | 128 ++++-- .../v5/plumbing/transport/http/common.go | 168 +++++++- vendor/github.com/pjbgf/sha1cd/Dockerfile.arm | 2 +- .../github.com/pjbgf/sha1cd/Dockerfile.arm64 | 2 +- vendor/github.com/pjbgf/sha1cd/sha1cd.go | 5 - .../pjbgf/sha1cd/sha1cdblock_amd64.go | 4 +- .../pjbgf/sha1cd/sha1cdblock_amd64.s | 8 +- .../pjbgf/sha1cd/sha1cdblock_arm64.go | 4 +- .../pjbgf/sha1cd/sha1cdblock_generic.go | 25 +- vendor/github.com/pjbgf/sha1cd/ubc/ubc.go | 5 +- vendor/golang.org/x/crypto/ssh/cipher.go | 2 +- vendor/golang.org/x/crypto/ssh/client_auth.go | 10 +- vendor/golang.org/x/net/http2/hpack/tables.go | 13 +- vendor/golang.org/x/net/http2/transport.go | 9 +- .../x/sys/cpu/cpu_darwin_arm64_other.go | 2 + .../golang.org/x/sys/cpu/cpu_other_arm64.go | 2 +- .../golang.org/x/sys/cpu/cpu_windows_arm64.go | 42 -- .../golang.org/x/sys/windows/dll_windows.go | 37 +- .../x/sys/windows/security_windows.go | 6 +- vendor/modules.txt | 22 +- 35 files changed, 1600 insertions(+), 406 deletions(-) create mode 100644 vendor/github.com/go-git/go-git/v5/plumbing/object/commit_scanner.go create mode 100644 vendor/github.com/go-git/go-git/v5/plumbing/object/tag_scanner.go delete mode 100644 vendor/golang.org/x/sys/cpu/cpu_windows_arm64.go diff --git a/go.mod b/go.mod index e45915f5..94fe8279 100644 --- a/go.mod +++ b/go.mod @@ -13,14 +13,14 @@ require ( github.com/docker/cli v28.4.0+incompatible github.com/docker/docker v28.5.2+incompatible github.com/docker/go-units v0.5.0 - github.com/go-git/go-git/v5 v5.17.2 + github.com/go-git/go-git/v5 v5.19.0 github.com/google/go-cmp v0.7.0 github.com/leonelquinteros/gotext v1.7.2 github.com/moby/sys/signal v0.7.1 github.com/moby/term v0.5.2 github.com/pkg/errors v0.9.1 github.com/schollz/progressbar/v3 v3.19.0 - golang.org/x/term v0.41.0 + golang.org/x/term v0.42.0 gopkg.in/yaml.v3 v3.0.1 gotest.tools/v3 v3.5.2 ) @@ -60,7 +60,7 @@ require ( github.com/felixge/httpsnoop v1.0.4 // indirect github.com/ghodss/yaml v1.0.0 // indirect github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect - github.com/go-git/go-billy/v5 v5.8.0 // indirect + github.com/go-git/go-billy/v5 v5.9.0 // indirect github.com/go-logfmt/logfmt v0.6.1 // indirect github.com/go-logr/logr v1.4.3 // indirect github.com/go-logr/stdr v1.2.2 // indirect @@ -96,7 +96,7 @@ require ( github.com/opencontainers/go-digest v1.0.0 // indirect github.com/opencontainers/runc v1.1.13 // indirect github.com/opencontainers/runtime-spec v1.1.0 // indirect - github.com/pjbgf/sha1cd v0.5.0 // indirect + github.com/pjbgf/sha1cd v0.6.0 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/prometheus/client_model v0.6.2 // indirect github.com/prometheus/common v0.67.5 // indirect @@ -124,10 +124,10 @@ require ( go.opentelemetry.io/proto/otlp v1.10.0 // indirect go.yaml.in/yaml/v2 v2.4.4 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/crypto v0.49.0 // indirect - golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90 // indirect - golang.org/x/net v0.52.0 // indirect - golang.org/x/text v0.35.0 // indirect + golang.org/x/crypto v0.50.0 // indirect + golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f // indirect + golang.org/x/net v0.53.0 // indirect + golang.org/x/text v0.36.0 // indirect golang.org/x/time v0.15.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20260401024825-9d38bb4040a9 // indirect google.golang.org/genproto/googleapis/rpc v0.0.0-20260401024825-9d38bb4040a9 // indirect @@ -155,7 +155,7 @@ require ( github.com/stretchr/testify v1.11.1 github.com/theupdateframework/notary v0.7.0 // indirect github.com/xeipuuv/gojsonpointer v0.0.0-20190905194746-02993c407bfb // indirect - golang.org/x/sys v0.42.0 + golang.org/x/sys v0.43.0 ) replace github.com/docker/cli v28.4.0+incompatible => git.coopcloud.tech/toolshed/docker-cli v28.5.3-0.20260202112816-30df2d0b3a00+incompatible diff --git a/go.sum b/go.sum index 8ccc3118..2945e87e 100644 --- a/go.sum +++ b/go.sum @@ -389,12 +389,12 @@ github.com/gliderlabs/ssh v0.3.8 h1:a4YXD1V7xMF9g5nTkdfnja3Sxy1PVDCj1Zg4Wb8vY6c= github.com/gliderlabs/ssh v0.3.8/go.mod h1:xYoytBv1sV0aL3CavoDuJIQNURXkkfPA/wxQ1pL1fAU= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI= github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic= -github.com/go-git/go-billy/v5 v5.8.0 h1:I8hjc3LbBlXTtVuFNJuwYuMiHvQJDq1AT6u4DwDzZG0= -github.com/go-git/go-billy/v5 v5.8.0/go.mod h1:RpvI/rw4Vr5QA+Z60c6d6LXH0rYJo0uD5SqfmrrheCY= +github.com/go-git/go-billy/v5 v5.9.0 h1:jItGXszUDRtR/AlferWPTMN4j38BQ88XnXKbilmmBPA= +github.com/go-git/go-billy/v5 v5.9.0/go.mod h1:jCnQMLj9eUgGU7+ludSTYoZL/GGmii14RxKFj7ROgHw= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4= github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII= -github.com/go-git/go-git/v5 v5.17.2 h1:B+nkdlxdYrvyFK4GPXVU8w1U+YkbsgciIR7f2sZJ104= -github.com/go-git/go-git/v5 v5.17.2/go.mod h1:pW/VmeqkanRFqR6AljLcs7EA7FbZaN5MQqO7oZADXpo= +github.com/go-git/go-git/v5 v5.19.0 h1:+WkVUQZSy/F1Gb13udrMKjIM2PrzsNfDKFSfo5tkMtc= +github.com/go-git/go-git/v5 v5.19.0/go.mod h1:Pb1v0c7/g8aGQJwx9Us09W85yGoyvSwuhEGMH7zjDKQ= github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8= @@ -753,8 +753,8 @@ github.com/opencontainers/selinux v1.10.0/go.mod h1:2i0OySw99QjzBBQByd1Gr9gSjvuh github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o= github.com/pelletier/go-toml v1.8.1/go.mod h1:T2/BmBdy8dvIRq1a/8aqjN41wvWlN4lrapLU/GW4pbc= github.com/peterbourgon/diskv v2.0.1+incompatible/go.mod h1:uqqh8zWWbv1HBMNONnaR/tNboyR3/BZd58JJSHlUSCU= -github.com/pjbgf/sha1cd v0.5.0 h1:a+UkboSi1znleCDUNT3M5YxjOnN1fz2FhN48FlwCxs0= -github.com/pjbgf/sha1cd v0.5.0/go.mod h1:lhpGlyHLpQZoxMv8HcgXvZEhcGs0PG/vsZnEJ7H0iCM= +github.com/pjbgf/sha1cd v0.6.0 h1:3WJ8Wz8gvDz29quX1OcEmkAlUg9diU4GxJHqs0/XiwU= +github.com/pjbgf/sha1cd v0.6.0/go.mod h1:lhpGlyHLpQZoxMv8HcgXvZEhcGs0PG/vsZnEJ7H0iCM= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1-0.20171018195549-f15c970de5b7/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -966,8 +966,8 @@ golang.org/x/crypto v0.0.0-20201117144127-c1f2f97bffc9/go.mod h1:jdWPYTVW3xRLrWP golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/crypto v0.0.0-20220622213112-05595931fe9d/go.mod h1:IxCIyHEi3zRg3s0A5j5BB6A9Jmi73HwBIUl50j+osU4= -golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4= -golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA= +golang.org/x/crypto v0.50.0 h1:zO47/JPrL6vsNkINmLoo/PH1gcxpls50DNogFvB5ZGI= +golang.org/x/crypto v0.50.0/go.mod h1:3muZ7vA7PBCE6xgPX7nkzzjiUq87kRItoJQM1Yo8S+Q= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -978,8 +978,8 @@ golang.org/x/exp v0.0.0-20191227195350-da58074b4299/go.mod h1:2RIsYlXP63K8oxa1u0 golang.org/x/exp v0.0.0-20200119233911-0405dc783f0a/go.mod h1:2RIsYlXP63K8oxa1u096TMicItID8zy7Y6sNkU49FU4= golang.org/x/exp v0.0.0-20200207192155-f17229e696bd/go.mod h1:J/WKrq2StrnmMY6+EHIKF9dgMWnmCNThgcyBT1FY9mM= golang.org/x/exp v0.0.0-20200224162631-6cc2880d07d6/go.mod h1:3jZMyOhIsHpP37uCMkUooju7aAi5cS1Q23tOzKc+0MU= -golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90 h1:jiDhWWeC7jfWqR9c/uplMOqJ0sbNlNWv0UkzE0vX1MA= -golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90/go.mod h1:xE1HEv6b+1SCZ5/uscMRjUBKtIxworgEcEi+/n9NQDQ= +golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f h1:W3F4c+6OLc6H2lb//N1q4WpJkhzJCK5J6kUi1NTVXfM= +golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f/go.mod h1:J1xhfL/vlindoeF/aINzNzt2Bket5bjo9sdOYzOsU80= golang.org/x/image v0.0.0-20190227222117-0694c2d4d067/go.mod h1:kZ7UVZpmo3dzQBMxlp+ypCbDeSB+sBbTgSJuh5dn5js= golang.org/x/image v0.0.0-20190802002840-cff245a6509b/go.mod h1:FeLwcggjj3mMvU+oOTbSwawSJRM1uh48EjtB4UJZlP0= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= @@ -1043,8 +1043,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20211112202133-69e39bad7dc2/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0= -golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw= +golang.org/x/net v0.53.0 h1:d+qAbo5L0orcWAr0a9JweQpjXF19LMXJE8Ey7hwOdUA= +golang.org/x/net v0.53.0/go.mod h1:JvMuJH7rrdiCfbeHoo3fCQU24Lf5JJwT9W3sJFulfgs= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -1140,13 +1140,13 @@ golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo= -golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/sys v0.43.0 h1:Rlag2XtaFTxp19wS8MXlJwTvoh8ArU6ezoyFsMyCTNI= +golang.org/x/sys v0.43.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU= -golang.org/x/term v0.41.0/go.mod h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A= +golang.org/x/term v0.42.0 h1:UiKe+zDFmJobeJ5ggPwOshJIVt6/Ft0rcfrXZDLWAWY= +golang.org/x/term v0.42.0/go.mod h1:Dq/D+snpsbazcBG5+F9Q1n2rXV8Ma+71xEjTRufARgY= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -1156,8 +1156,8 @@ golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8= -golang.org/x/text v0.35.0/go.mod h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA= +golang.org/x/text v0.36.0 h1:JfKh3XmcRPqZPKevfXVpI1wXPTqbkE5f7JA92a55Yxg= +golang.org/x/text v0.36.0/go.mod h1:NIdBknypM8iqVmPiuco0Dh6P5Jcdk8lJL0CUebqK164= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= diff --git a/vendor/coopcloud.tech/tagcmp/.drone.yml b/vendor/coopcloud.tech/tagcmp/.drone.yml index c5f78899..595ec5a8 100644 --- a/vendor/coopcloud.tech/tagcmp/.drone.yml +++ b/vendor/coopcloud.tech/tagcmp/.drone.yml @@ -3,16 +3,16 @@ kind: pipeline name: coopcloud.tech/tagcmp steps: - name: gofmt - image: golang:1.26 + image: golang:1.21 commands: - test -z "$(gofmt -l .)" - name: go build - image: golang:1.26 + image: golang:1.21 commands: - go build -v . - name: go test - image: golang:1.26 + image: golang:1.21 commands: - go test . -cover diff --git a/vendor/github.com/docker/distribution/Dockerfile b/vendor/github.com/docker/distribution/Dockerfile index 98fb181b..ebd42c24 100644 --- a/vendor/github.com/docker/distribution/Dockerfile +++ b/vendor/github.com/docker/distribution/Dockerfile @@ -1,7 +1,7 @@ # syntax=docker/dockerfile:1 ARG GO_VERSION=1.20.8 -ARG ALPINE_VERSION=3.23 +ARG ALPINE_VERSION=3.18 ARG XX_VERSION=1.2.1 FROM --platform=$BUILDPLATFORM tonistiigi/xx:${XX_VERSION} AS xx diff --git a/vendor/github.com/go-git/go-billy/v5/README.md b/vendor/github.com/go-git/go-billy/v5/README.md index da5c0747..f260f794 100644 --- a/vendor/github.com/go-git/go-billy/v5/README.md +++ b/vendor/github.com/go-git/go-billy/v5/README.md @@ -5,6 +5,10 @@ Billy implements an interface based on the `os` standard library, allowing to de Billy was born as part of [go-git/go-git](https://github.com/go-git/go-git) project. +## Version support + +go-billy v5 is in maintenance mode. Users should upgrade to [go-billy v6](https://pkg.go.dev/github.com/go-git/go-billy/v6) where possible. + ## Installation ```go diff --git a/vendor/github.com/go-git/go-billy/v5/helper/chroot/chroot.go b/vendor/github.com/go-git/go-billy/v5/helper/chroot/chroot.go index dbdf1118..299d1653 100644 --- a/vendor/github.com/go-git/go-billy/v5/helper/chroot/chroot.go +++ b/vendor/github.com/go-git/go-billy/v5/helper/chroot/chroot.go @@ -3,19 +3,25 @@ package chroot import ( "errors" "os" + "path" "path/filepath" "strings" + "syscall" "github.com/go-git/go-billy/v5" "github.com/go-git/go-billy/v5/helper/polyfill" ) // ChrootHelper is a helper to implement billy.Chroot. +// It is not a security boundary, callers that need containment should use a +// filesystem implementation that enforces paths at the OS boundary instead. type ChrootHelper struct { underlying billy.Filesystem base string } +const maxFollowedSymlinks = 8 // Aligns with POSIX_SYMLOOP_MAX + // New creates a new filesystem wrapping up the given 'fs'. // The created filesystem has its base in the given ChrootHelperectory of the // underlying filesystem. @@ -34,15 +40,184 @@ func (fs *ChrootHelper) underlyingPath(filename string) (string, error) { return fs.Join(fs.Root(), filename), nil } -func isCrossBoundaries(path string) bool { - path = filepath.ToSlash(path) - path = filepath.Clean(path) +func (fs *ChrootHelper) followedPath(filename string, followFinal bool, op string) (string, error) { + fullpath, err := fs.underlyingPath(filename) + if err != nil { + return "", err + } - return strings.HasPrefix(path, ".."+string(filepath.Separator)) + sl, ok := fs.underlying.(billy.Symlink) + if !ok { + return fullpath, nil + } + + rel, err := fs.relativeToRoot(fullpath) + if err != nil { + return "", err + } + + fullpath, err = fs.resolveFollowedPath(rel, followFinal, op, sl) + if errors.Is(err, billy.ErrNotSupported) { + return fs.underlyingPath(filename) + } + + return fullpath, err +} + +func (fs *ChrootHelper) resolveFollowedPath(rel string, followFinal bool, op string, sl billy.Symlink) (string, error) { + if rel == "" { + return fs.resolveFollowedRoot(followFinal, op, sl) + } + + parts := splitRelativePath(rel) + resolved := "" + followed := 0 + + for len(parts) > 0 { + part := parts[0] + parts = parts[1:] + + currentRel := joinRelativePath(resolved, part) + currentPath := fs.Join(fs.Root(), currentRel) + if len(parts) == 0 && !followFinal { + return currentPath, nil + } + + fi, err := sl.Lstat(currentPath) + if err != nil { + if os.IsNotExist(err) { + return fs.Join(fs.Root(), joinRelativePath(append([]string{currentRel}, parts...)...)), nil + } + return "", err + } + + if fi.Mode()&os.ModeSymlink == 0 { + resolved = currentRel + continue + } + + followed++ + if followed > maxFollowedSymlinks { + return "", symlinkLoopError(op, currentPath) + } + + target, err := sl.Readlink(currentPath) + if err != nil { + return "", err + } + + targetRel, err := fs.linkTargetRel(currentPath, target) + if err != nil { + return "", err + } + if targetRel == currentRel { + return "", symlinkLoopError(op, currentPath) + } + + parts = append(splitRelativePath(targetRel), parts...) + resolved = "" + } + + return fs.Join(fs.Root(), resolved), nil +} + +func symlinkLoopError(op, path string) error { + return &os.PathError{Op: op, Path: path, Err: syscall.ELOOP} +} + +func (fs *ChrootHelper) resolveFollowedRoot(followFinal bool, op string, sl billy.Symlink) (string, error) { + root := fs.Join(fs.Root(), "") + if !followFinal { + return root, nil + } + + fi, err := sl.Lstat(root) + if err != nil { + if os.IsNotExist(err) { + return root, nil + } + return "", err + } + + if fi.Mode()&os.ModeSymlink == 0 { + return root, nil + } + + target, err := sl.Readlink(root) + if err != nil { + return "", err + } + + targetRel, err := fs.linkTargetRel(root, target) + if err != nil { + return root, err + } + if targetRel == "" { + return "", symlinkLoopError(op, root) + } + + return fs.resolveFollowedPath(targetRel, followFinal, op, sl) +} + +func (fs *ChrootHelper) relativeToRoot(filename string) (string, error) { + rel, err := filepath.Rel(filepath.Clean(fs.Root()), filepath.Clean(filename)) + if err != nil || isCrossBoundaries(rel) { + return "", billy.ErrCrossedBoundary + } + + if rel == "." { + return "", nil + } + return rel, nil +} + +func (fs *ChrootHelper) linkTargetRel(linkPath, target string) (string, error) { + target = filepath.FromSlash(target) + if filepath.IsAbs(target) || strings.HasPrefix(target, string(filepath.Separator)) { + return fs.relativeToRoot(target) + } + + return fs.relativeToRoot(fs.Join(filepath.Dir(linkPath), target)) +} + +func splitRelativePath(filename string) []string { + filename = filepath.Clean(filename) + if filename == "" || filename == "." { + return nil + } + + return strings.Split(filepath.ToSlash(filename), "/") +} + +func joinRelativePath(elem ...string) string { + parts := make([]string, 0, len(elem)) + for _, part := range elem { + if part == "" || part == "." { + continue + } + parts = append(parts, part) + } + + if len(parts) == 0 { + return "" + } + return filepath.Join(parts...) +} + +func isCreateExclusive(flag int) bool { + return flag&os.O_CREATE != 0 && flag&os.O_EXCL != 0 +} + +func isCrossBoundaries(name string) bool { + name = filepath.ToSlash(name) + name = strings.TrimLeft(name, "/") + name = path.Clean(name) + + return name == ".." || strings.HasPrefix(name, "../") } func (fs *ChrootHelper) Create(filename string) (billy.File, error) { - fullpath, err := fs.underlyingPath(filename) + fullpath, err := fs.followedPath(filename, true, "create") if err != nil { return nil, err } @@ -56,7 +231,7 @@ func (fs *ChrootHelper) Create(filename string) (billy.File, error) { } func (fs *ChrootHelper) Open(filename string) (billy.File, error) { - fullpath, err := fs.underlyingPath(filename) + fullpath, err := fs.followedPath(filename, true, "open") if err != nil { return nil, err } @@ -70,7 +245,7 @@ func (fs *ChrootHelper) Open(filename string) (billy.File, error) { } func (fs *ChrootHelper) OpenFile(filename string, flag int, mode os.FileMode) (billy.File, error) { - fullpath, err := fs.underlyingPath(filename) + fullpath, err := fs.followedPath(filename, !isCreateExclusive(flag), "open") if err != nil { return nil, err } @@ -84,12 +259,16 @@ func (fs *ChrootHelper) OpenFile(filename string, flag int, mode os.FileMode) (b } func (fs *ChrootHelper) Stat(filename string) (os.FileInfo, error) { - fullpath, err := fs.underlyingPath(filename) + fullpath, err := fs.followedPath(filename, true, "stat") if err != nil { return nil, err } - return fs.underlying.Stat(fullpath) + fi, err := fs.underlying.Stat(fullpath) + if err != nil { + return nil, err + } + return fileInfo{FileInfo: fi, name: filepath.Base(filename)}, nil } func (fs *ChrootHelper) Rename(from, to string) error { @@ -135,7 +314,7 @@ func (fs *ChrootHelper) TempFile(dir, prefix string) (billy.File, error) { } func (fs *ChrootHelper) ReadDir(path string) ([]os.FileInfo, error) { - fullpath, err := fs.underlyingPath(path) + fullpath, err := fs.followedPath(path, true, "readdir") if err != nil { return nil, err } @@ -241,6 +420,11 @@ type file struct { name string } +type fileInfo struct { + os.FileInfo + name string +} + func newFile(fs billy.Filesystem, f billy.File, filename string) billy.File { filename = fs.Join(fs.Root(), filename) filename, _ = filepath.Rel(fs.Root(), filename) @@ -254,3 +438,7 @@ func newFile(fs billy.Filesystem, f billy.File, filename string) billy.File { func (f *file) Name() string { return f.name } + +func (fi fileInfo) Name() string { + return fi.name +} diff --git a/vendor/github.com/go-git/go-billy/v5/osfs/os.go b/vendor/github.com/go-git/go-billy/v5/osfs/os.go index a7fe79f2..0c240ef3 100644 --- a/vendor/github.com/go-git/go-billy/v5/osfs/os.go +++ b/vendor/github.com/go-git/go-billy/v5/osfs/os.go @@ -24,6 +24,9 @@ var Default = &ChrootOS{} // New returns a new OS filesystem. // By default paths are deduplicated, but still enforced // under baseDir. For more info refer to WithDeduplicatePath. +// +// New returns ChrootOS by default for v5 compatibility. Users should prefer +// New with WithBoundOS. func New(baseDir string, opts ...Option) billy.Filesystem { o := &options{ deduplicatePath: true, @@ -47,6 +50,8 @@ func WithBoundOS() Option { } // WithChrootOS returns the option of using a Chroot filesystem OS. +// +// Deprecated: use WithBoundOS instead. func WithChrootOS() Option { return func(o *options) { o.Type = ChrootOSFS diff --git a/vendor/github.com/go-git/go-billy/v5/osfs/os_bound.go b/vendor/github.com/go-git/go-billy/v5/osfs/os_bound.go index 92ebc3dc..70e6a723 100644 --- a/vendor/github.com/go-git/go-billy/v5/osfs/os_bound.go +++ b/vendor/github.com/go-git/go-billy/v5/osfs/os_bound.go @@ -20,6 +20,7 @@ package osfs import ( + "errors" "fmt" "os" "path/filepath" @@ -29,6 +30,31 @@ import ( "github.com/go-git/go-billy/v5" ) +var ( + // ErrBaseDirCannotBeRemoved is returned when removing the BoundOS base dir. + ErrBaseDirCannotBeRemoved = errors.New("base dir cannot be removed") + + // ErrBaseDirCannotBeRenamed is returned when renaming the BoundOS base dir. + ErrBaseDirCannotBeRenamed = errors.New("base dir cannot be renamed") + + dotPrefixes = dotPathPrefixes() + dotSeparators = dotPathSeparators() +) + +func dotPathPrefixes() []string { + if filepath.Separator == '\\' { + return []string{"./", ".\\"} + } + return []string{"./"} +} + +func dotPathSeparators() string { + if filepath.Separator == '\\' { + return `/\` + } + return `/` +} + // BoundOS is a fs implementation based on the OS filesystem which is bound to // a base dir. // Prefer this fs implementation over ChrootOS. @@ -54,6 +80,7 @@ func (fs *BoundOS) Create(filename string) (billy.File, error) { } func (fs *BoundOS) OpenFile(filename string, flag int, perm os.FileMode) (billy.File, error) { + filename = fs.expandDot(filename) fn, err := fs.abs(filename) if err != nil { return nil, err @@ -62,6 +89,7 @@ func (fs *BoundOS) OpenFile(filename string, flag int, perm os.FileMode) (billy. } func (fs *BoundOS) ReadDir(path string) ([]os.FileInfo, error) { + path = fs.expandDot(path) dir, err := fs.abs(path) if err != nil { return nil, err @@ -71,6 +99,12 @@ func (fs *BoundOS) ReadDir(path string) ([]os.FileInfo, error) { } func (fs *BoundOS) Rename(from, to string) error { + if fs.isBaseDir(from) { + return ErrBaseDirCannotBeRenamed + } + from = fs.expandDot(from) + to = fs.expandDot(to) + f, err := fs.abs(from) if err != nil { return err @@ -89,6 +123,7 @@ func (fs *BoundOS) Rename(from, to string) error { } func (fs *BoundOS) MkdirAll(path string, perm os.FileMode) error { + path = fs.expandDot(path) dir, err := fs.abs(path) if err != nil { return err @@ -101,6 +136,7 @@ func (fs *BoundOS) Open(filename string) (billy.File, error) { } func (fs *BoundOS) Stat(filename string) (os.FileInfo, error) { + filename = fs.expandDot(filename) filename, err := fs.abs(filename) if err != nil { return nil, err @@ -109,6 +145,11 @@ func (fs *BoundOS) Stat(filename string) (os.FileInfo, error) { } func (fs *BoundOS) Remove(filename string) error { + if fs.isBaseDir(filename) { + return ErrBaseDirCannotBeRemoved + } + filename = fs.expandDot(filename) + fn, err := fs.abs(filename) if err != nil { return err @@ -122,6 +163,7 @@ func (fs *BoundOS) Remove(filename string) error { func (fs *BoundOS) TempFile(dir, prefix string) (billy.File, error) { if dir != "" { var err error + dir = fs.expandDot(dir) dir, err = fs.abs(dir) if err != nil { return nil, err @@ -144,6 +186,11 @@ func (fs *BoundOS) Join(elem ...string) string { } func (fs *BoundOS) RemoveAll(path string) error { + if fs.isBaseDir(path) { + return ErrBaseDirCannotBeRemoved + } + path = fs.expandDot(path) + dir, err := fs.abs(path) if err != nil { return err @@ -152,6 +199,7 @@ func (fs *BoundOS) RemoveAll(path string) error { } func (fs *BoundOS) Symlink(target, link string) error { + link = fs.expandDot(link) ln, err := fs.abs(link) if err != nil { return err @@ -164,6 +212,7 @@ func (fs *BoundOS) Symlink(target, link string) error { } func (fs *BoundOS) Lstat(filename string) (os.FileInfo, error) { + filename = fs.expandDot(filename) filename = filepath.Clean(filename) if !filepath.IsAbs(filename) { filename = filepath.Join(fs.baseDir, filename) @@ -175,6 +224,7 @@ func (fs *BoundOS) Lstat(filename string) (os.FileInfo, error) { } func (fs *BoundOS) Readlink(link string) (string, error) { + link = fs.expandDot(link) if !filepath.IsAbs(link) { link = filepath.Clean(filepath.Join(fs.baseDir, link)) } @@ -185,6 +235,7 @@ func (fs *BoundOS) Readlink(link string) (string, error) { } func (fs *BoundOS) Chmod(path string, mode os.FileMode) error { + path = fs.expandDot(path) abspath, err := fs.abs(path) if err != nil { return err @@ -199,7 +250,7 @@ func (fs *BoundOS) Chroot(path string) (billy.Filesystem, error) { if err != nil { return nil, err } - return New(joined), nil + return New(joined, WithBoundOS()), nil } // Root returns the current base dir of the billy.Filesystem. @@ -220,6 +271,37 @@ func (fs *BoundOS) createDir(fullpath string) error { return nil } +func (fs *BoundOS) expandDot(path string) string { + if path == "." { + return fs.baseDir + } + for _, prefix := range dotPrefixes { + if strings.HasPrefix(path, prefix) { + path = strings.TrimLeft(strings.TrimPrefix(path, prefix), dotSeparators) + if path == "" { + return fs.baseDir + } + return path + } + } + return path +} + +func (fs *BoundOS) isBaseDir(path string) bool { + if path == "" || filepath.Clean(path) == "." { + return true + } + path = fs.expandDot(path) + if filepath.Clean(path) == filepath.Clean(fs.baseDir) { + return true + } + abspath, err := fs.abs(path) + if err != nil { + return false + } + return filepath.Clean(abspath) == filepath.Clean(fs.baseDir) +} + // abs transforms filename to an absolute path, taking into account the base dir. // Relative paths won't be allowed to ascend the base dir, so `../file` will become // `/working-dir/file`. @@ -233,7 +315,7 @@ func (fs *BoundOS) abs(filename string) (string, error) { path, err := securejoin.SecureJoin(fs.baseDir, filename) if err != nil { - return "", nil + return "", err } if fs.deduplicatePath { @@ -246,24 +328,12 @@ func (fs *BoundOS) abs(filename string) (string, error) { return path, nil } -// insideBaseDir checks whether filename is located within -// the fs.baseDir. -func (fs *BoundOS) insideBaseDir(filename string) (bool, error) { - if filename == fs.baseDir { - return true, nil - } - if !strings.HasPrefix(filename, fs.baseDir+string(filepath.Separator)) { - return false, fmt.Errorf("path outside base dir") - } - return true, nil -} - // insideBaseDirEval checks whether filename is contained within // a dir that is within the fs.baseDir, by first evaluating any symlinks // that either filename or fs.baseDir may contain. func (fs *BoundOS) insideBaseDirEval(filename string) (bool, error) { // "/" contains all others. - if fs.baseDir == "/" { + if fs.baseDir == "/" || fs.baseDir == filename { return true, nil } dir, err := filepath.EvalSymlinks(filepath.Dir(filename)) diff --git a/vendor/github.com/go-git/go-billy/v5/osfs/os_chroot.go b/vendor/github.com/go-git/go-billy/v5/osfs/os_chroot.go index 413b3b89..2fa9d8b5 100644 --- a/vendor/github.com/go-git/go-billy/v5/osfs/os_chroot.go +++ b/vendor/github.com/go-git/go-billy/v5/osfs/os_chroot.go @@ -14,6 +14,8 @@ import ( // ChrootOS is a legacy filesystem based on a "soft chroot" of the os filesystem. // Although this is still the default os filesystem, consider using BoundOS instead. // +// Deprecated: use New with WithBoundOS instead. +// // Behaviours of note: // 1. A "soft chroot" translates the base dir to "/" for the purposes of the // fs abstraction. @@ -24,6 +26,14 @@ import ( type ChrootOS struct{} func newChrootOS(baseDir string) billy.Filesystem { + if baseDir != "" { + resolved, err := filepath.EvalSymlinks(baseDir) + if err != nil { + return chroot.New(&ChrootOS{}, baseDir) + } + baseDir = resolved + } + return chroot.New(&ChrootOS{}, baseDir) } diff --git a/vendor/github.com/go-git/go-billy/v5/util/util.go b/vendor/github.com/go-git/go-billy/v5/util/util.go index 2cdd832c..cd869d6e 100644 --- a/vendor/github.com/go-git/go-billy/v5/util/util.go +++ b/vendor/github.com/go-git/go-billy/v5/util/util.go @@ -16,8 +16,6 @@ import ( // can but returns the first error it encounters. If the path does not exist, // RemoveAll returns nil (no error). func RemoveAll(fs billy.Basic, path string) error { - fs, path = getUnderlyingAndPath(fs, path) - if r, ok := fs.(removerAll); ok { return r.RemoveAll(path) } @@ -39,7 +37,7 @@ func removeAll(fs billy.Basic, path string) error { } // Otherwise, is this a directory we need to recurse into? - dir, serr := fs.Stat(path) + dir, serr := lstat(fs, path) if serr != nil { if errors.Is(serr, os.ErrNotExist) { return nil @@ -48,8 +46,8 @@ func removeAll(fs billy.Basic, path string) error { return serr } - if !dir.IsDir() { - // Not a directory; return the error from Remove. + if dir.Mode()&os.ModeSymlink != 0 || !dir.IsDir() { + // Not a directory we should recurse into; return the error from Remove. return err } @@ -62,7 +60,7 @@ func removeAll(fs billy.Basic, path string) error { fis, err := dirfs.ReadDir(path) if err != nil { if errors.Is(err, os.ErrNotExist) { - // Race. It was deleted between the Lstat and Open. + // Race. It was deleted between the Lstat and ReadDir. // Return nil per RemoveAll's docs. return nil } @@ -91,7 +89,18 @@ func removeAll(fs billy.Basic, path string) error { } return err +} +func lstat(filesystem billy.Basic, path string) (os.FileInfo, error) { + if sl, ok := filesystem.(billy.Symlink); ok { + // Avoid following a symlink substituted after the initial Remove fails. + fi, err := sl.Lstat(path) + if err == nil || !errors.Is(err, billy.ErrNotSupported) { + return fi, err + } + } + + return filesystem.Stat(path) } // WriteFile writes data to a file named by filename in the given filesystem. @@ -123,8 +132,10 @@ func WriteFile(fs billy.Basic, filename string, data []byte, perm os.FileMode) ( // We generate random temporary file names so that there's a good // chance the file doesn't exist yet - keeps the number of tries in // TempFile to a minimum. -var rand uint32 -var randmu sync.Mutex +var ( + rand uint32 + randmu sync.Mutex +) func reseed() uint32 { return uint32(time.Now().UnixNano() + int64(os.Getpid())) @@ -220,22 +231,6 @@ func getTempDir(fs billy.Basic) string { return ".tmp" } -type underlying interface { - Underlying() billy.Basic -} - -func getUnderlyingAndPath(fs billy.Basic, path string) (billy.Basic, string) { - u, ok := fs.(underlying) - if !ok { - return fs, path - } - if ch, ok := fs.(billy.Chroot); ok { - path = fs.Join(ch.Root(), path) - } - - return u.Underlying(), path -} - // ReadFile reads the named file and returns the contents from the given filesystem. // A successful call returns err == nil, not err == EOF. // Because ReadFile reads the whole file, it does not treat an EOF from Read diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go index 78627b06..07034c10 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go @@ -5,7 +5,7 @@ import ( "context" "errors" "fmt" - "io" + "slices" "strings" "github.com/ProtonMail/go-crypto/openpgp" @@ -20,6 +20,7 @@ const ( beginpgp string = "-----BEGIN PGP SIGNATURE-----" endpgp string = "-----END PGP SIGNATURE-----" headerpgp string = "gpgsig" + headerpgp256 string = "gpgsig-sha256" headerencoding string = "encoding" // https://github.com/git/git/blob/bcb6cae2966cc407ca1afc77413b3ef11103c175/Documentation/gitformat-signature.txt#L153 @@ -41,6 +42,11 @@ type MessageEncoding string // in time, such as a timestamp, the author of the changes since the last // commit, a pointer to the previous commit(s), etc. // http://shafiulazam.com/gitbook/1_the_git_object_model.html +// +// When a Commit is populated by Decode it retains a reference to the source +// plumbing.EncodedObject so that EncodeWithoutSignature can reproduce the +// exact bytes the signature was computed over. Refer to EncodeWithoutSignature +// for more information. type Commit struct { // Hash of the commit object. Hash plumbing.Hash @@ -66,6 +72,9 @@ type Commit struct { ExtraHeaders []ExtraHeader s storer.EncodedObjectStorer + // src holds the encoded object this Commit was decoded from, used by + // EncodeWithoutSignature to recover the canonical signed bytes. + src plumbing.EncodedObject } // ExtraHeader holds any non-standard header @@ -98,8 +107,8 @@ func (h ExtraHeader) Format(f fmt.State, verb rune) { func parseExtraHeader(line []byte) (ExtraHeader, bool) { split := bytes.SplitN(line, []byte{' '}, 2) - out := ExtraHeader { - Key: string(bytes.TrimRight(split[0], "\n")), + out := ExtraHeader{ + Key: string(bytes.TrimRight(split[0], "\n")), Value: "", } @@ -181,6 +190,11 @@ func (c *Commit) NumParents() int { var ErrParentNotFound = errors.New("commit parent not found") +// ErrMalformedCommit is returned when a commit object cannot be decoded +// because its standard headers (tree, parent, author, committer) are missing, +// duplicated, or out of order. +var ErrMalformedCommit = errors.New("malformed commit") + // Parent returns the ith parent of a commit. func (c *Commit) Parent(i int) (*Commit, error) { if len(c.ParentHashes) == 0 || i > len(c.ParentHashes)-1 { @@ -227,14 +241,23 @@ func (c *Commit) Type() plumbing.ObjectType { return plumbing.CommitObject } +func (c *Commit) reset() { + storer := c.s + *c = Commit{ + Encoding: defaultUtf8CommitMessageEncoding, + s: storer, + } +} + // Decode transforms a plumbing.EncodedObject into a Commit struct. func (c *Commit) Decode(o plumbing.EncodedObject) (err error) { if o.Type() != plumbing.CommitObject { return ErrUnsupportedObject } + c.reset() c.Hash = o.Hash() - c.Encoding = defaultUtf8CommitMessageEncoding + c.src = o reader, err := o.Reader() if err != nil { @@ -245,97 +268,17 @@ func (c *Commit) Decode(o plumbing.EncodedObject) (err error) { r := sync.GetBufioReader(reader) defer sync.PutBufioReader(r) - var message bool - var mergetag bool - var pgpsig bool - var msgbuf bytes.Buffer - var extraheader *ExtraHeader = nil - for { - line, err := r.ReadBytes('\n') - if err != nil && err != io.EOF { + s := &commitScanner{r: r, c: c} + for state := scanTree; state != nil; { + state, err = state(s) + if err != nil { return err } - - if mergetag { - if len(line) > 0 && line[0] == ' ' { - line = bytes.TrimLeft(line, " ") - c.MergeTag += string(line) - continue - } else { - mergetag = false - } - } - - if pgpsig { - if len(line) > 0 && line[0] == ' ' { - line = bytes.TrimLeft(line, " ") - c.PGPSignature += string(line) - continue - } else { - pgpsig = false - } - } - - if extraheader != nil { - if len(line) > 0 && line[0] == ' ' { - extraheader.Value += string(line[1:]) - continue - } else { - extraheader.Value = strings.TrimRight(extraheader.Value, "\n") - c.ExtraHeaders = append(c.ExtraHeaders, *extraheader) - extraheader = nil - } - } - - if !message { - original_line := line - line = bytes.TrimSpace(line) - if len(line) == 0 { - message = true - continue - } - - split := bytes.SplitN(line, []byte{' '}, 2) - - var data []byte - if len(split) == 2 { - data = split[1] - } - - switch string(split[0]) { - case "tree": - c.TreeHash = plumbing.NewHash(string(data)) - case "parent": - c.ParentHashes = append(c.ParentHashes, plumbing.NewHash(string(data))) - case "author": - c.Author.Decode(data) - case "committer": - c.Committer.Decode(data) - case headermergetag: - c.MergeTag += string(data) + "\n" - mergetag = true - case headerencoding: - c.Encoding = MessageEncoding(data) - case headerpgp: - c.PGPSignature += string(data) + "\n" - pgpsig = true - default: - h, maybecontinued := parseExtraHeader(original_line) - if maybecontinued { - extraheader = &h - } else { - c.ExtraHeaders = append(c.ExtraHeaders, h) - } - } - } else { - msgbuf.Write(line) - } - - if err == io.EOF { - break - } } - c.Message = msgbuf.String() + if !s.sawTree { + return fmt.Errorf("%w: missing tree header", ErrMalformedCommit) + } + c.Message = s.msgbuf.String() return nil } @@ -344,11 +287,73 @@ func (c *Commit) Encode(o plumbing.EncodedObject) error { return c.encode(o, true) } -// EncodeWithoutSignature export a Commit into a plumbing.EncodedObject without the signature (correspond to the payload of the PGP signature). +// EncodeWithoutSignature exports a Commit into a plumbing.EncodedObject +// without any signature headers, producing the payload that PGP/GPG +// signatures are computed over. +// +// Behaviour depends on how the Commit was created: +// +// - For Commits populated by Decode whose exported fields still match the +// source object, the payload is streamed from the raw source bytes with +// gpgsig and gpgsig-sha256 headers (and their continuation lines) +// stripped verbatim. This preserves the exact bytes the signature was +// computed over, regardless of any normalization performed by Decode. +// +// - For Commits constructed in memory, or for decoded Commits whose +// exported fields have been mutated, the payload is derived from the +// current struct fields. Mutation is detected by re-decoding the source +// object and comparing exported fields; if any differ, the in-memory +// representation prevails. func (c *Commit) EncodeWithoutSignature(o plumbing.EncodedObject) error { + if c.matchesSource() { + return stripObjectSignatures(o, c.src, plumbing.CommitObject) + } return c.encode(o, false) } +// matchesSource reports whether c.src is set and re-decoding it produces a +// Commit whose payload-affecting exported fields are identical to those of +// c. It is the auto-detection used by EncodeWithoutSignature to decide +// between the raw bytes and the struct-encoded payload. +// +// PGPSignature is intentionally excluded from the comparison: neither path +// emits it, so mutating it must not trigger a switch to struct-encode (which +// would change the byte layout the caller is trying to verify against). +func (c *Commit) matchesSource() bool { + if c.src == nil { + return false + } + fresh := &Commit{} + if err := fresh.Decode(c.src); err != nil { + return false + } + return c.Hash == fresh.Hash && + signatureEqual(c.Author, fresh.Author) && + signatureEqual(c.Committer, fresh.Committer) && + c.MergeTag == fresh.MergeTag && + c.Message == fresh.Message && + c.TreeHash == fresh.TreeHash && + c.Encoding == fresh.Encoding && + slices.Equal(c.ParentHashes, fresh.ParentHashes) && + slices.Equal(c.ExtraHeaders, fresh.ExtraHeaders) +} + +func signatureEqual(a, b Signature) bool { + return a.Name == b.Name && + a.Email == b.Email && + a.When.Unix() == b.When.Unix() && + a.When.Format("-0700") == b.When.Format("-0700") +} + +func isStandardHeader(key string) bool { + switch key { + case "tree", "parent", "author", "committer", + headerencoding, headermergetag, headerpgp, headerpgp256: + return true + } + return false +} + func (c *Commit) encode(o plumbing.EncodedObject, includeSig bool) (err error) { o.SetType(plumbing.CommitObject) w, err := o.Writer() @@ -407,7 +412,9 @@ func (c *Commit) encode(o plumbing.EncodedObject, includeSig bool) (err error) { } for _, header := range c.ExtraHeaders { - + if isStandardHeader(header.Key) { + continue + } if _, err = fmt.Fprintf(w, "\n%s", header); err != nil { return err } @@ -478,9 +485,21 @@ func (c *Commit) String() string { ) } +// ErrMultipleSignatures is returned by Verify when the commit carries more +// than one armored signature block. Mirrors upstream's parse_gpg_output +// rejection of GOODSIG/BADSIG status lines after the first +// (gpg-interface.c:257-269): multi-signature commits are intentionally +// unsupported because their provenance cannot be reduced to a single +// authoritative signer. +var ErrMultipleSignatures = errors.New("commit has multiple signatures") + // Verify performs PGP verification of the commit with a provided armored // keyring and returns openpgp.Entity associated with verifying key on success. func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) { + if countSignatureBlocks([]byte(c.PGPSignature)) > 1 { + return nil, ErrMultipleSignatures + } + keyRingReader := strings.NewReader(armoredKeyRing) keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) if err != nil { diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit_scanner.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit_scanner.go new file mode 100644 index 00000000..7e4cf544 --- /dev/null +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit_scanner.go @@ -0,0 +1,377 @@ +package object + +import ( + "bufio" + "bytes" + "fmt" + "io" + "strings" + + "github.com/go-git/go-git/v5/plumbing" +) + +// commitScanner holds the working state of the commit decoder driven by the +// stateFn loop in (*Commit).Decode. Each commitState reads one or more lines +// from r, updates the in-progress *Commit and the scanner's bookkeeping, and +// returns the state that should run next (or nil to stop). +type commitScanner struct { + r *bufio.Reader + c *Commit + msgbuf bytes.Buffer + + // pending holds a line that was read but the current state decided to + // hand back to the next state, paired with the io.EOF flag that was + // returned when the line was originally read. + pending []byte + pendingErr error + + // First-occurrence tracking: once the corresponding field has been + // decoded, subsequent occurrences are silently dropped (matches + // upstream's find_commit_header / first-wins semantics). + // + // gpgsig is not tracked here: upstream's parse_buffer_signed_by_header + // (commit.c:1186) accumulates every occurrence into one signature buffer, + // so we do the same on the scanner side to keep verification payloads + // byte-aligned. gpgsig-sha256 is recognized and skipped without exposing a + // new field in v5. + sawTree, sawAuthor, sawCommitter bool + sawEncoding, sawMergetag bool + + // extra is the multi-line ExtraHeader currently being assembled. + extra *ExtraHeader +} + +// commitState is one step of the decoder state machine. Each function reads +// the lines it needs, mutates *Commit via s.c, and returns the next state to +// run (or nil to terminate the loop). +type commitState func(*commitScanner) (commitState, error) + +// readLine returns the next line from the buffer, transparently consuming any +// line that was previously pushed back by a state that decided not to handle +// it. +func (s *commitScanner) readLine() ([]byte, error) { + if s.pending != nil { + line, err := s.pending, s.pendingErr + s.pending, s.pendingErr = nil, nil + return line, err + } + line, err := s.r.ReadBytes('\n') + if err != nil && err != io.EOF { + return line, err + } + return line, err +} + +// pushBack stashes an unconsumed line so the next state's readLine call sees +// it. Only one line can be pushed back at a time. +func (s *commitScanner) pushBack(line []byte, err error) { + s.pending = line + s.pendingErr = err +} + +// scanTree expects the first non-empty header to be `tree HASH`. Anything +// else (or an empty buffer) is rejected with ErrMalformedCommit, matching +// upstream's `bogus commit object` check. +func scanTree(s *commitScanner) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 || isBlankLine(line) { + return nil, fmt.Errorf("%w: missing tree header", ErrMalformedCommit) + } + + key, data := splitHeader(line) + if key != "tree" { + return nil, fmt.Errorf("%w: tree header must be first", ErrMalformedCommit) + } + h, herr := parseObjectIDHex(data, ErrMalformedCommit, "tree") + if herr != nil { + return nil, herr + } + s.c.TreeHash = h + s.sawTree = true + if err == io.EOF { + return nil, nil + } + return scanParents, nil +} + +// scanParents consumes contiguous `parent HASH` lines. The first non-parent +// line ends the parent block and is handed off to scanAuthor; any later +// `parent` line is silently dropped (matches upstream's parse_commit_buffer +// exiting its parent loop at the first non-parent line and +// read_commit_extra_header_lines filtering `parent` out of extras). +func scanParents(s *commitScanner) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 { + return nil, nil + } + if isBlankLine(line) { + return scanMessage, nil + } + + key, data := splitHeader(line) + if key == "parent" { + h, herr := parseObjectIDHex(data, ErrMalformedCommit, "parent") + if herr != nil { + return nil, herr + } + s.c.ParentHashes = append(s.c.ParentHashes, h) + if err == io.EOF { + return nil, nil + } + return scanParents, nil + } + s.pushBack(line, err) + return scanAuthor, nil +} + +// scanAuthor accepts an `author` line at its canonical position immediately +// after the parent block. Any other header here is pushed back for +// scanCommitter; an out-of-place author is therefore silently dropped. +// Mirrors upstream's parse_commit_date func. +func scanAuthor(s *commitScanner) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 { + return nil, nil + } + if isBlankLine(line) { + return scanMessage, nil + } + + key, data := splitHeader(line) + if key == "author" { + s.c.Author.Decode(data) + s.sawAuthor = true + if err == io.EOF { + return nil, nil + } + return scanCommitter, nil + } + s.pushBack(line, err) + return scanCommitter, nil +} + +// scanCommitter accepts a `committer` line at its canonical position +// immediately after the author. Any other header is pushed back for +// scanHeaders. Same upstream rationale as scanAuthor. +func scanCommitter(s *commitScanner) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 { + return nil, nil + } + if isBlankLine(line) { + return scanMessage, nil + } + + key, data := splitHeader(line) + if key == "committer" { + s.c.Committer.Decode(data) + s.sawCommitter = true + if err == io.EOF { + return nil, nil + } + return scanHeaders, nil + } + s.pushBack(line, err) + return scanHeaders, nil +} + +// scanHeaders dispatches one header line. Continuation-bearing headers +// (mergetag, gpgsig, gpgsig-sha256, and unknown extras whose value is +// continued on subsequent lines) hand off to a dedicated continuation state +// that handles the `...` lines and then returns here. +func scanHeaders(s *commitScanner) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 { + return nil, nil + } + if isBlankLine(line) { + return scanMessage, nil + } + + originalLine := line + key, data := splitHeader(line) + + var next commitState = scanHeaders + switch key { + case "tree", "parent", "author", "committer": + // Anything reaching scanHeaders with one of these keys is out of + // canonical position: duplicate tree, parent past the contiguous + // block, or author/committer not at their expected slot. Drop them + // the same way upstream's standard_header_field filter excludes + // them from the extras list (read_commit_extra_header_lines, + // commit.c:1520-1522). + case headerencoding: + if !s.sawEncoding { + s.c.Encoding = MessageEncoding(data) + s.sawEncoding = true + } + case headermergetag: + if s.sawMergetag { + next = scanSkipCont + } else { + s.c.MergeTag += string(data) + "\n" + s.sawMergetag = true + next = scanMergetagCont + } + case headerpgp: + s.c.PGPSignature += string(data) + "\n" + next = scanPgpCont + case headerpgp256: + next = scanSkipCont + default: + h, multiline := parseExtraHeader(originalLine) + if multiline { + s.extra = &h + next = scanExtraCont + } else { + s.c.ExtraHeaders = append(s.c.ExtraHeaders, h) + } + } + + if err == io.EOF { + return nil, nil + } + return next, nil +} + +// scanMergetagCont accumulates continuation lines for the first mergetag +// header. Continuations strip exactly one leading space, mirroring upstream's +// `line + 1` (commit.c:1509). The first non-continuation line is pushed back +// so scanHeaders can dispatch it. +func scanMergetagCont(s *commitScanner) (commitState, error) { + return continuationCont(s, &s.c.MergeTag, scanMergetagCont) +} + +// scanPgpCont accumulates continuation lines for a signature header. +// Continuations strip exactly one leading space, mirroring upstream's +// `line + 1` (commit.c:1509). The first non-continuation line is pushed back +// so scanHeaders can dispatch it. Repeat occurrences of the same signature +// header land back here and concatenate, matching upstream's +// parse_buffer_signed_by_header (commit.c:1186). +func scanPgpCont(s *commitScanner) (commitState, error) { + return continuationCont(s, &s.c.PGPSignature, scanPgpCont) +} + +func continuationCont(s *commitScanner, dst *string, self commitState) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) > 0 && line[0] == ' ' { + *dst += string(line[1:]) + if err == io.EOF { + return nil, nil + } + return self, nil + } + if len(line) > 0 { + s.pushBack(line, err) + } + return scanHeaders, nil +} + +// scanSkipCont discards continuation lines that belong to a header scanHeaders +// chose to drop. +func scanSkipCont(s *commitScanner) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) > 0 && line[0] == ' ' { + if err == io.EOF { + return nil, nil + } + return scanSkipCont, nil + } + if len(line) > 0 { + s.pushBack(line, err) + } + return scanHeaders, nil +} + +// scanExtraCont accumulates continuation lines for an unknown ExtraHeader +// whose value spans multiple lines, then finalises the entry once the +// continuation block ends. +func scanExtraCont(s *commitScanner) (commitState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) > 0 && line[0] == ' ' { + s.extra.Value += string(line[1:]) + if err == io.EOF { + s.finaliseExtra() + return nil, nil + } + return scanExtraCont, nil + } + s.finaliseExtra() + if len(line) > 0 { + s.pushBack(line, err) + } + return scanHeaders, nil +} + +func (s *commitScanner) finaliseExtra() { + s.extra.Value = strings.TrimRight(s.extra.Value, "\n") + s.c.ExtraHeaders = append(s.c.ExtraHeaders, *s.extra) + s.extra = nil +} + +// scanMessage drains the remaining bytes into the message buffer. +func scanMessage(s *commitScanner) (commitState, error) { + for { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) > 0 { + s.msgbuf.Write(line) + } + if err == io.EOF { + return nil, nil + } + } +} + +// isBlankLine reports whether line is the canonical header/body separator: +// a single newline. Mirrors upstream's `*line == '\n'` test in +// read_commit_extra_header_lines (commit.c:1502). +func isBlankLine(line []byte) bool { + return len(line) == 1 && line[0] == '\n' +} + +// splitHeader returns the header keyword (everything before the first space) +// and the value (everything after, with the trailing newline stripped). If +// the header has no value the returned data is nil. +func splitHeader(line []byte) (string, []byte) { + trimmed := bytes.TrimRight(line, "\n") + key, value, ok := bytes.Cut(trimmed, []byte{' '}) + if !ok { + return string(trimmed), nil + } + return string(key), value +} + +func parseObjectIDHex(data []byte, malformedErr error, header string) (plumbing.Hash, error) { + id := string(data) + if !plumbing.IsHash(id) { + return plumbing.ZeroHash, fmt.Errorf("%w: bad %s hash", malformedErr, header) + } + return plumbing.NewHash(id), nil +} diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/signature.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/signature.go index f9c3d306..3346e4fd 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/signature.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/signature.go @@ -1,6 +1,13 @@ package object -import "bytes" +import ( + "bytes" + "io" + + "github.com/go-git/go-git/v5/plumbing" + "github.com/go-git/go-git/v5/utils/ioutil" + "github.com/go-git/go-git/v5/utils/sync" +) const ( signatureTypeUnknown signatureType = iota @@ -100,3 +107,116 @@ func parseSignedBytes(b []byte) (int, signatureType) { } return match, t } + +// countSignatureBlocks reports how many distinct armored signature blocks +// start at a line boundary in b. Used by verification paths to reject +// multi-signature payloads, matching upstream's check in gpg-interface.c +// where parse_gpg_output bails out the first time it sees a second +// exclusive status line (a second GOODSIG/BADSIG/etc.). +func countSignatureBlocks(b []byte) int { + n, count := 0, 0 + for n < len(b) { + i := b[n:] + if typeForSignature(i) != signatureTypeUnknown { + count++ + } + if eol := bytes.IndexByte(i, '\n'); eol >= 0 { + n += eol + 1 + continue + } + break + } + return count +} + +// isSignatureHeader reports whether line is a canonical "gpgsig "/ +// "gpgsig-sha256 " header line. Other "gpgsig"-prefixed extra headers +// are intentionally not matched. +func isSignatureHeader(line []byte) bool { + return bytes.HasPrefix(line, []byte(headerpgp+" ")) || + bytes.HasPrefix(line, []byte(headerpgp256+" ")) +} + +// stripObjectSignatures streams src into dst, producing the byte sequence +// over which a PGP/GPG signature is computed: +// +// - Canonical "gpgsig" and "gpgsig-sha256" headers (and their +// continuation lines) are dropped, mirroring upstream's +// remove_signature in commit.c. +// - For tag objects, the inline trailing PGP signature is additionally +// truncated, mirroring upstream's parse_signature in gpg-interface.c +// used by gpg_verify_tag. +// +// The returned object's type is set to objType. Used by both +// Commit.EncodeWithoutSignature and Tag.EncodeWithoutSignature to +// reproduce the exact bytes the signature was computed over. +func stripObjectSignatures(dst, src plumbing.EncodedObject, objType plumbing.ObjectType) (err error) { + dst.SetType(objType) + + r, err := src.Reader() + if err != nil { + return err + } + defer ioutil.CheckClose(r, &err) + + var input io.Reader = r + if objType == plumbing.TagObject { + raw, err := io.ReadAll(r) + if err != nil { + return err + } + if sm, _ := parseSignedBytes(raw); sm >= 0 { + raw = raw[:sm] + } + input = bytes.NewReader(raw) + } + + w, err := dst.Writer() + if err != nil { + return err + } + defer ioutil.CheckClose(w, &err) + + return stripHeaderSignatures(w, input) +} + +// stripHeaderSignatures copies r to w, dropping canonical signature header +// lines (gpgsig and gpgsig-sha256) and their continuation lines. Lines +// past the blank line that closes the header block are copied verbatim. +func stripHeaderSignatures(w io.Writer, r io.Reader) error { + br := sync.GetBufioReader(r) + defer sync.PutBufioReader(br) + + var inBody, skipping bool + for { + line, rerr := br.ReadBytes('\n') + if rerr != nil && rerr != io.EOF { + return rerr + } + + write := true + if !inBody { + switch { + case skipping && len(line) > 0 && line[0] == ' ': + write = false + case isSignatureHeader(line): + skipping = true + write = false + case len(line) == 1 && line[0] == '\n': + skipping = false + inBody = true + default: + skipping = false + } + } + + if write && len(line) > 0 { + if _, werr := w.Write(line); werr != nil { + return werr + } + } + if rerr == io.EOF { + return nil + } + } +} diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go index cf46c08e..93e56a4a 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go @@ -1,9 +1,8 @@ package object import ( - "bytes" + "errors" "fmt" - "io" "strings" "github.com/ProtonMail/go-crypto/openpgp" @@ -13,6 +12,10 @@ import ( "github.com/go-git/go-git/v5/utils/sync" ) +// ErrMalformedTag is returned when a tag object cannot be decoded because +// its required headers (object, type, tag) are missing or out of order. +var ErrMalformedTag = errors.New("malformed tag") + // Tag represents an annotated tag object. It points to a single git object of // any type, but tags typically are applied to commit or blob objects. It // provides a reference that associates the target with a tag name. It also @@ -39,6 +42,9 @@ type Tag struct { Target plumbing.Hash s storer.EncodedObjectStorer + // src holds the encoded object this Tag was decoded from, used by + // EncodeWithoutSignature to recover the canonical signed bytes. + src plumbing.EncodedObject } // GetTag gets a tag from an object storer and decodes it. @@ -77,13 +83,20 @@ func (t *Tag) Type() plumbing.ObjectType { return plumbing.TagObject } +func (t *Tag) reset() { + storer := t.s + *t = Tag{s: storer} +} + // Decode transforms a plumbing.EncodedObject into a Tag struct. func (t *Tag) Decode(o plumbing.EncodedObject) (err error) { if o.Type() != plumbing.TagObject { return ErrUnsupportedObject } + t.reset() t.Hash = o.Hash() + t.src = o reader, err := o.Reader() if err != nil { @@ -94,42 +107,15 @@ func (t *Tag) Decode(o plumbing.EncodedObject) (err error) { r := sync.GetBufioReader(reader) defer sync.PutBufioReader(r) - for { - var line []byte - line, err = r.ReadBytes('\n') - if err != nil && err != io.EOF { + scanner := &tagScanner{r: r, t: t} + for state := scanTagObject; state != nil; { + state, err = state(scanner) + if err != nil { return err } - - line = bytes.TrimSpace(line) - if len(line) == 0 { - break // Start of message - } - - split := bytes.SplitN(line, []byte{' '}, 2) - switch string(split[0]) { - case "object": - t.Target = plumbing.NewHash(string(split[1])) - case "type": - t.TargetType, err = plumbing.ParseObjectType(string(split[1])) - if err != nil { - return err - } - case "tag": - t.Name = string(split[1]) - case "tagger": - t.Tagger.Decode(split[1]) - } - - if err == io.EOF { - return nil - } } - data, err := io.ReadAll(r) - if err != nil { - return err - } + data := scanner.msgbuf.Bytes() if sm, _ := parseSignedBytes(data); sm >= 0 { t.PGPSignature = string(data[sm:]) data = data[:sm] @@ -144,11 +130,54 @@ func (t *Tag) Encode(o plumbing.EncodedObject) error { return t.encode(o, true) } -// EncodeWithoutSignature export a Tag into a plumbing.EncodedObject without the signature (correspond to the payload of the PGP signature). +// EncodeWithoutSignature exports a Tag into a plumbing.EncodedObject without +// any signature data, producing the payload that PGP/GPG signatures are +// computed over. +// +// Behaviour mirrors Commit.EncodeWithoutSignature: +// +// - For Tags populated by Decode whose exported fields still match the +// source object, the payload is streamed from the raw source bytes with +// the inline trailing signature truncated and gpgsig/gpgsig-sha256 +// headers (and their continuation lines) stripped verbatim. This +// preserves the exact bytes the signature was computed over, regardless +// of any normalization performed by Decode. +// +// - For Tags constructed in memory, or for decoded Tags whose exported +// fields have been mutated, the payload is derived from the current +// struct fields. Mutation is detected by re-decoding the source object +// and comparing exported fields; if any differ, the in-memory +// representation prevails. func (t *Tag) EncodeWithoutSignature(o plumbing.EncodedObject) error { + if t.matchesSource() { + return stripObjectSignatures(o, t.src, plumbing.TagObject) + } return t.encode(o, false) } +// matchesSource reports whether t.src is set and re-decoding it produces a +// Tag whose payload-affecting exported fields are identical to those of t. +// +// PGPSignature is intentionally excluded from the comparison: neither path +// emits it as part of the verification payload, so mutating it must not +// trigger a switch to struct-encode (which would change the byte layout the +// caller is trying to verify against). +func (t *Tag) matchesSource() bool { + if t.src == nil { + return false + } + fresh := &Tag{} + if err := fresh.Decode(t.src); err != nil { + return false + } + return t.Hash == fresh.Hash && + t.Name == fresh.Name && + signatureEqual(t.Tagger, fresh.Tagger) && + t.Message == fresh.Message && + t.TargetType == fresh.TargetType && + t.Target == fresh.Target +} + func (t *Tag) encode(o plumbing.EncodedObject, includeSig bool) (err error) { o.SetType(plumbing.TagObject) w, err := o.Writer() @@ -158,16 +187,26 @@ func (t *Tag) encode(o plumbing.EncodedObject, includeSig bool) (err error) { defer ioutil.CheckClose(w, &err) if _, err = fmt.Fprintf(w, - "object %s\ntype %s\ntag %s\ntagger ", + "object %s\ntype %s\ntag %s\n", t.Target.String(), t.TargetType.Bytes(), t.Name); err != nil { return err } - if err = t.Tagger.Encode(w); err != nil { - return err + if !isZeroSignature(t.Tagger) { + if _, err = fmt.Fprint(w, "tagger "); err != nil { + return err + } + + if err = t.Tagger.Encode(w); err != nil { + return err + } + + if _, err = fmt.Fprint(w, "\n"); err != nil { + return err + } } - if _, err = fmt.Fprint(w, "\n\n"); err != nil { + if _, err = fmt.Fprint(w, "\n"); err != nil { return err } @@ -175,11 +214,12 @@ func (t *Tag) encode(o plumbing.EncodedObject, includeSig bool) (err error) { return err } - // Note that this is highly sensitive to what it sent along in the message. - // Message *always* needs to end with a newline, or else the message and the - // signature will be concatenated into a corrupt object. Since this is a - // lower-level method, we assume you know what you are doing and have already - // done the needful on the message in the caller. + // Note that this is highly sensitive to what is sent along in the + // message. Message *always* needs to end with a newline, or else the + // message and the trailing signature will be concatenated into a + // corrupt object. Since this is a lower-level method, we assume you + // know what you are doing and have already done the needful on the + // message in the caller. if includeSig { if _, err = fmt.Fprint(w, t.PGPSignature); err != nil { return err @@ -189,6 +229,10 @@ func (t *Tag) encode(o plumbing.EncodedObject, includeSig bool) (err error) { return err } +func isZeroSignature(s Signature) bool { + return s.Name == "" && s.Email == "" && s.When.IsZero() +} + // Commit returns the commit pointed to by the tag. If the tag points to a // different type of object ErrUnsupportedObject will be returned. func (t *Tag) Commit() (*Commit, error) { @@ -256,7 +300,8 @@ func (t *Tag) String() string { } // Verify performs PGP verification of the tag with a provided armored -// keyring and returns openpgp.Entity associated with verifying key on success. +// keyring and returns openpgp.Entity associated with verifying key on +// success. func (t *Tag) Verify(armoredKeyRing string) (*openpgp.Entity, error) { keyRingReader := strings.NewReader(armoredKeyRing) keyring, err := openpgp.ReadArmoredKeyRing(keyRingReader) diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag_scanner.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag_scanner.go new file mode 100644 index 00000000..2bfb3a1d --- /dev/null +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag_scanner.go @@ -0,0 +1,237 @@ +package object + +import ( + "bufio" + "bytes" + "fmt" + "io" + + "github.com/go-git/go-git/v5/plumbing" +) + +// tagScanner holds the working state of the tag decoder driven by the +// stateFn loop in (*Tag).Decode. Each tagState reads one or more lines +// from r, updates the in-progress *Tag and the scanner's bookkeeping, +// and returns the state that should run next (or nil to stop). +type tagScanner struct { + r *bufio.Reader + t *Tag + msgbuf bytes.Buffer + + // pending holds a line that was read but the current state decided to + // hand back to the next state, paired with the io.EOF flag returned + // when the line was originally read. + pending []byte + pendingErr error + + // First-occurrence tracking: once the corresponding canonical + // header has been decoded at its expected position, subsequent + // occurrences (or out-of-position lines) are silently dropped, + // matching the strict layout enforced by upstream's + // parse_tag_buffer (tag.c:130). + // + // gpgsig-sha256 is recognized and skipped without exposing a new field + // in v5. + sawObject, sawType, sawName, sawTagger bool +} + +// tagState is one step of the decoder state machine. Each function reads +// the lines it needs, mutates *Tag via s.t, and returns the next state +// to run (or nil to terminate the loop). +type tagState func(*tagScanner) (tagState, error) + +// readLine returns the next line from the buffer, transparently +// consuming any line that was previously pushed back by a state that +// decided not to handle it. +func (s *tagScanner) readLine() ([]byte, error) { + if s.pending != nil { + line, err := s.pending, s.pendingErr + s.pending, s.pendingErr = nil, nil + return line, err + } + return s.r.ReadBytes('\n') +} + +// pushBack stashes an unconsumed line so the next state's readLine call +// sees it. Only one line can be pushed back at a time. +func (s *tagScanner) pushBack(line []byte, err error) { + s.pending = line + s.pendingErr = err +} + +// scanTagObject requires the first line to be `object HASH`, mirroring +// upstream's strict parse_tag_buffer (tag.c:151-156). Anything else +// returns ErrMalformedTag. +func scanTagObject(s *tagScanner) (tagState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 || isBlankLine(line) { + return nil, fmt.Errorf("%w: missing object header", ErrMalformedTag) + } + + key, data := splitHeader(line) + if key != "object" { + return nil, fmt.Errorf("%w: object header must be first", ErrMalformedTag) + } + h, herr := parseObjectIDHex(data, ErrMalformedTag, "object") + if herr != nil { + return nil, herr + } + s.t.Target = h + s.sawObject = true + if err == io.EOF { + return nil, nil + } + return scanTagType, nil +} + +// scanTagType requires a `type` line immediately after the object header, +// mirroring upstream's parse_tag_buffer (tag.c:158-166). +func scanTagType(s *tagScanner) (tagState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 || isBlankLine(line) { + return nil, fmt.Errorf("%w: missing type header", ErrMalformedTag) + } + + key, data := splitHeader(line) + if key != "type" { + return nil, fmt.Errorf("%w: type header must follow object", ErrMalformedTag) + } + ot, perr := plumbing.ParseObjectType(string(data)) + if perr != nil { + return nil, perr + } + s.t.TargetType = ot + s.sawType = true + if err == io.EOF { + return nil, nil + } + return scanTagName, nil +} + +// scanTagName requires a `tag` line immediately after the type header, +// mirroring upstream's parse_tag_buffer (tag.c:186-194). +func scanTagName(s *tagScanner) (tagState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 || isBlankLine(line) { + return nil, fmt.Errorf("%w: missing tag header", ErrMalformedTag) + } + + key, data := splitHeader(line) + if key != "tag" { + return nil, fmt.Errorf("%w: tag header must follow type", ErrMalformedTag) + } + s.t.Name = string(data) + s.sawName = true + if err == io.EOF { + return nil, nil + } + return scanTagTagger, nil +} + +// scanTagTagger accepts a `tagger` line at its canonical position. Any +// other header is pushed back for scanTagHeaders. +func scanTagTagger(s *tagScanner) (tagState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 { + return nil, nil + } + if isBlankLine(line) { + return scanTagMessage, nil + } + + key, data := splitHeader(line) + if key == "tagger" { + s.t.Tagger.Decode(data) + s.sawTagger = true + if err == io.EOF { + return nil, nil + } + return scanTagHeaders, nil + } + s.pushBack(line, err) + return scanTagHeaders, nil +} + +// scanTagHeaders dispatches one header line. gpgsig-sha256 hands off to +// scanTagSkipCont so the continuation block can be consumed; out-of-position +// canonical fields and unknown headers are silently dropped. +func scanTagHeaders(s *tagScanner) (tagState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) == 0 { + return nil, nil + } + if isBlankLine(line) { + return scanTagMessage, nil + } + + key, _ := splitHeader(line) + next := scanTagHeaders + switch key { + case "object", "type", "tag", "tagger": + // Out-of-canonical-position duplicates are dropped, mirroring the + // strict ordering of upstream's parse_tag_buffer. + case headerpgp256: + next = scanTagSkipCont + default: + // Unknown header: silently dropped (the Tag struct does not + // expose ExtraHeaders). + } + + if err == io.EOF { + return nil, nil + } + return next, nil +} + +// scanTagSkipCont discards continuation lines for a header scanTagHeaders chose +// to drop. The first non-continuation line is pushed back so scanTagHeaders can +// dispatch it. +func scanTagSkipCont(s *tagScanner) (tagState, error) { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) > 0 && line[0] == ' ' { + if err == io.EOF { + return nil, nil + } + return scanTagSkipCont, nil + } + if len(line) > 0 { + s.pushBack(line, err) + } + return scanTagHeaders, nil +} + +// scanTagMessage drains the remaining bytes into the message buffer. +// (*Tag).Decode then runs parseSignedBytes over those bytes to peel off +// the optional inline trailing PGP signature. +func scanTagMessage(s *tagScanner) (tagState, error) { + for { + line, err := s.readLine() + if err != nil && err != io.EOF { + return nil, err + } + if len(line) > 0 { + s.msgbuf.Write(line) + } + if err == io.EOF { + return nil, nil + } + } +} diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/tree.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/tree.go index 2e1b7891..d0d0036d 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/object/tree.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/tree.go @@ -29,6 +29,7 @@ var ( ErrDirectoryNotFound = errors.New("directory not found") ErrEntryNotFound = errors.New("entry not found") ErrEntriesNotSorted = errors.New("entries in tree are not sorted") + ErrMalformedTree = errors.New("malformed tree") ) // Tree is basically like a directory - it references a bunch of other trees @@ -37,9 +38,9 @@ type Tree struct { Entries []TreeEntry Hash plumbing.Hash - s storer.EncodedObjectStorer - m map[string]*TreeEntry - t map[string]*Tree // tree path cache + s storer.EncodedObjectStorer + t map[string]*Tree // tree path cache + entriesSorted bool } // GetTree gets a tree from an object storer and decodes it. @@ -182,16 +183,43 @@ func (t *Tree) dir(baseName string) (*Tree, error) { } func (t *Tree) entry(baseName string) (*TreeEntry, error) { - if t.m == nil { - t.buildMap() - } - - entry, ok := t.m[baseName] - if !ok { + if t.entriesSorted { + if entry := t.searchEntry(baseName); entry != nil { + return entry, nil + } return nil, ErrEntryNotFound } - return entry, nil + pastName := baseName + "/" + for i := range t.Entries { + entry := &t.Entries[i] + if entry.Name == baseName { + return entry, nil + } + if treeEntrySortName(entry) > pastName { + break + } + } + + return nil, ErrEntryNotFound +} + +func (t *Tree) searchEntry(baseName string) *TreeEntry { + if i := t.searchEntryIndex(baseName); i < len(t.Entries) && t.Entries[i].Name == baseName { + return &t.Entries[i] + } + + if i := t.searchEntryIndex(baseName + "/"); i < len(t.Entries) && t.Entries[i].Name == baseName { + return &t.Entries[i] + } + + return nil +} + +func (t *Tree) searchEntryIndex(name string) int { + return sort.Search(len(t.Entries), func(i int) bool { + return treeEntrySortName(&t.Entries[i]) >= name + }) } // Files returns a FileIter allowing to iterate over the Tree @@ -212,20 +240,25 @@ func (t *Tree) Type() plumbing.ObjectType { return plumbing.TreeObject } +func (t *Tree) reset() { + storer := t.s + *t = Tree{s: storer} +} + // Decode transform an plumbing.EncodedObject into a Tree struct func (t *Tree) Decode(o plumbing.EncodedObject) (err error) { if o.Type() != plumbing.TreeObject { return ErrUnsupportedObject } + t.reset() t.Hash = o.Hash() + // assume tree is sorted as a valid tree should always be sorted. + t.entriesSorted = true if o.Size() == 0 { return nil } - t.Entries = nil - t.m = nil - reader, err := o.Reader() if err != nil { return err @@ -235,10 +268,14 @@ func (t *Tree) Decode(o plumbing.EncodedObject) (err error) { r := sync.GetBufioReader(reader) defer sync.PutBufioReader(r) + var prevSortName string for { str, err := r.ReadString(' ') if err != nil { if err == io.EOF { + if len(str) != 0 { + return fmt.Errorf("%w: missing mode terminator", ErrMalformedTree) + } break } @@ -248,25 +285,41 @@ func (t *Tree) Decode(o plumbing.EncodedObject) (err error) { mode, err := filemode.New(str) if err != nil { - return err + return fmt.Errorf("%w: malformed mode", ErrMalformedTree) } + mode = canonicalTreeMode(mode) name, err := r.ReadString(0) - if err != nil && err != io.EOF { + if err != nil { + if err == io.EOF { + return fmt.Errorf("%w: missing filename terminator", ErrMalformedTree) + } return err } + if len(name) == 1 { + return fmt.Errorf("%w: empty filename", ErrMalformedTree) + } var hash plumbing.Hash if _, err = io.ReadFull(r, hash[:]); err != nil { + if errors.Is(err, io.EOF) || errors.Is(err, io.ErrUnexpectedEOF) { + return fmt.Errorf("%w: truncated object id", ErrMalformedTree) + } return err } baseName := name[:len(name)-1] - t.Entries = append(t.Entries, TreeEntry{ + entry := TreeEntry{ Hash: hash, Mode: mode, Name: baseName, - }) + } + sortName := treeEntrySortName(&entry) + if len(t.Entries) != 0 && prevSortName > sortName { + t.entriesSorted = false + } + prevSortName = sortName + t.Entries = append(t.Entries, entry) } return nil @@ -279,21 +332,37 @@ func (s TreeEntrySorter) Len() int { } func (s TreeEntrySorter) Less(i, j int) bool { - name1 := s[i].Name - name2 := s[j].Name - if s[i].Mode == filemode.Dir { - name1 += "/" - } - if s[j].Mode == filemode.Dir { - name2 += "/" - } - return name1 < name2 + return treeEntrySortName(&s[i]) < treeEntrySortName(&s[j]) } func (s TreeEntrySorter) Swap(i, j int) { s[i], s[j] = s[j], s[i] } +// Git compares tree entries as if directory names had a trailing slash. +func treeEntrySortName(e *TreeEntry) string { + if e.Mode == filemode.Dir { + return e.Name + "/" + } + return e.Name +} + +func canonicalTreeMode(mode filemode.FileMode) filemode.FileMode { + switch mode & 0o170000 { + case 0o040000: + return filemode.Dir + case 0o100000: + if mode&0o111 != 0 { + return filemode.Executable + } + return filemode.Regular + case 0o120000: + return filemode.Symlink + default: + return filemode.Submodule + } +} + // Encode transforms a Tree into a plumbing.EncodedObject. // The tree entries must be sorted by name. func (t *Tree) Encode(o plumbing.EncodedObject) (err error) { @@ -329,13 +398,6 @@ func (t *Tree) Encode(o plumbing.EncodedObject) (err error) { return err } -func (t *Tree) buildMap() { - t.m = make(map[string]*TreeEntry) - for i := 0; i < len(t.Entries); i++ { - t.m[t.Entries[i].Name] = &t.Entries[i] - } -} - // Diff returns a list of changes between this tree and the provided one func (t *Tree) Diff(to *Tree) (Changes, error) { return t.DiffContext(context.Background(), to) diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/http/common.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/http/common.go index 5dd2e311..83f93f16 100644 --- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/http/common.go +++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/http/common.go @@ -7,7 +7,6 @@ import ( "crypto/tls" "crypto/x509" "fmt" - "net" "net/http" "net/url" "reflect" @@ -24,6 +23,33 @@ import ( "github.com/go-git/go-git/v5/utils/ioutil" ) +type contextKey int + +const initialRequestKey contextKey = iota + +// RedirectPolicy controls how the HTTP transport follows redirects. +// +// The values mirror Git's http.followRedirects config: +// "true" follows redirects for all requests, "false" treats redirects as +// errors, and "initial" follows redirects only for the initial +// /info/refs discovery request. The zero value defaults to "initial". +type RedirectPolicy string + +const ( + FollowInitialRedirects RedirectPolicy = "initial" + FollowRedirects RedirectPolicy = "true" + NoFollowRedirects RedirectPolicy = "false" +) + +func withInitialRequest(ctx context.Context) context.Context { + return context.WithValue(ctx, initialRequestKey, true) +} + +func isInitialRequest(req *http.Request) bool { + v, _ := req.Context().Value(initialRequestKey).(bool) + return v +} + // it requires a bytes.Buffer, because we need to know the length func applyHeadersToRequest(req *http.Request, content *bytes.Buffer, host string, requestType string) { req.Header.Add("User-Agent", capability.DefaultAgent()) @@ -54,12 +80,15 @@ func advertisedReferences(ctx context.Context, s *session, serviceName string) ( s.ApplyAuthToRequest(req) applyHeadersToRequest(req, nil, s.endpoint.Host, serviceName) - res, err := s.client.Do(req.WithContext(ctx)) + res, err := s.client.Do(req.WithContext(withInitialRequest(ctx))) if err != nil { return nil, err } - s.ModifyEndpointIfRedirect(res) + if err := s.ModifyEndpointIfRedirect(res); err != nil { + _ = res.Body.Close() + return nil, err + } defer ioutil.CheckClose(res.Body, &err) if err = NewErr(res); err != nil { @@ -96,6 +125,7 @@ type client struct { client *http.Client transports *lru.Cache mutex sync.RWMutex + follow RedirectPolicy } // ClientOptions holds user configurable options for the client. @@ -106,6 +136,11 @@ type ClientOptions struct { // size, will result in the least recently used transport getting deleted // before the provided transport is added to the cache. CacheMaxEntries int + + // RedirectPolicy controls redirect handling. Supported values are + // "true", "false", and "initial". The zero value defaults to + // "initial", matching Git's http.followRedirects default. + RedirectPolicy RedirectPolicy } var ( @@ -150,12 +185,16 @@ func NewClientWithOptions(c *http.Client, opts *ClientOptions) transport.Transpo } cl := &client{ client: c, + follow: FollowInitialRedirects, } if opts != nil { if opts.CacheMaxEntries > 0 { cl.transports = lru.New(opts.CacheMaxEntries) } + if opts.RedirectPolicy != "" { + cl.follow = opts.RedirectPolicy + } } return cl } @@ -289,14 +328,9 @@ func newSession(c *client, ep *transport.Endpoint, auth transport.AuthMethod) (* } } - httpClient = &http.Client{ - Transport: transport, - CheckRedirect: c.client.CheckRedirect, - Jar: c.client.Jar, - Timeout: c.client.Timeout, - } + httpClient = c.cloneHTTPClient(transport) } else { - httpClient = c.client + httpClient = c.cloneHTTPClient(c.client.Transport) } s := &session{ @@ -324,30 +358,122 @@ func (s *session) ApplyAuthToRequest(req *http.Request) { s.auth.SetAuth(req) } -func (s *session) ModifyEndpointIfRedirect(res *http.Response) { +func (s *session) ModifyEndpointIfRedirect(res *http.Response) error { if res.Request == nil { - return + return nil + } + if s.endpoint == nil { + return fmt.Errorf("http redirect: nil endpoint") } r := res.Request if !strings.HasSuffix(r.URL.Path, infoRefsPath) { - return + return fmt.Errorf("http redirect: target %q does not end with %s", r.URL.Path, infoRefsPath) + } + if r.URL.Scheme != "http" && r.URL.Scheme != "https" { + return fmt.Errorf("http redirect: unsupported scheme %q", r.URL.Scheme) + } + if r.URL.Scheme != s.endpoint.Protocol && + !(s.endpoint.Protocol == "http" && r.URL.Scheme == "https") { + return fmt.Errorf("http redirect: changes scheme from %q to %q", s.endpoint.Protocol, r.URL.Scheme) } - h, p, err := net.SplitHostPort(r.URL.Host) + host := endpointHost(r.URL.Hostname()) + port, err := endpointPort(r.URL.Port()) if err != nil { - h = r.URL.Host + return err } - if p != "" { - port, err := strconv.Atoi(p) - if err == nil { - s.endpoint.Port = port - } + + if host != s.endpoint.Host || effectivePort(r.URL.Scheme, port) != effectivePort(s.endpoint.Protocol, s.endpoint.Port) { + s.endpoint.User = "" + s.endpoint.Password = "" + s.auth = nil } - s.endpoint.Host = h + + s.endpoint.Host = host + s.endpoint.Port = port s.endpoint.Protocol = r.URL.Scheme s.endpoint.Path = r.URL.Path[:len(r.URL.Path)-len(infoRefsPath)] + return nil +} + +func endpointHost(host string) string { + if strings.Contains(host, ":") { + return "[" + host + "]" + } + + return host +} + +func endpointPort(port string) (int, error) { + if port == "" { + return 0, nil + } + + parsed, err := strconv.Atoi(port) + if err != nil { + return 0, fmt.Errorf("http redirect: invalid port %q", port) + } + + return parsed, nil +} + +func effectivePort(scheme string, port int) int { + if port != 0 { + return port + } + + switch strings.ToLower(scheme) { + case "http": + return 80 + case "https": + return 443 + default: + return 0 + } +} + +func (c *client) cloneHTTPClient(transport http.RoundTripper) *http.Client { + return &http.Client{ + Transport: transport, + CheckRedirect: wrapCheckRedirect(c.follow, c.client.CheckRedirect), + Jar: c.client.Jar, + Timeout: c.client.Timeout, + } +} + +func wrapCheckRedirect(policy RedirectPolicy, next func(*http.Request, []*http.Request) error) func(*http.Request, []*http.Request) error { + return func(req *http.Request, via []*http.Request) error { + if err := checkRedirect(req, via, policy); err != nil { + return err + } + if next != nil { + return next(req, via) + } + return nil + } +} + +func checkRedirect(req *http.Request, via []*http.Request, policy RedirectPolicy) error { + switch policy { + case FollowRedirects: + case NoFollowRedirects: + return fmt.Errorf("http redirect: redirects disabled to %s", req.URL) + case "", FollowInitialRedirects: + if !isInitialRequest(req) { + return fmt.Errorf("http redirect: redirect on non-initial request to %s", req.URL) + } + default: + return fmt.Errorf("http redirect: invalid redirect policy %q", policy) + } + if req.URL.Scheme != "http" && req.URL.Scheme != "https" { + return fmt.Errorf("http redirect: unsupported scheme %q", req.URL.Scheme) + } + if len(via) >= 10 { + return fmt.Errorf("http redirect: too many redirects") + } + return nil } func (*session) Close() error { diff --git a/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm b/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm index dd7770ce..1fe43ec4 100644 --- a/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm +++ b/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm @@ -1,4 +1,4 @@ -FROM golang:1.26@sha256:313faae491b410a35402c05d35e7518ae99103d957308e940e1ae2cfa0aac29b +FROM golang:1.25@sha256:31c1e53dfc1cc2d269deec9c83f58729fa3c53dc9a576f6426109d1e319e9e9a ENV GOOS=linux ENV GOARCH=arm diff --git a/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm64 b/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm64 index 3569ebdf..af7f2e21 100644 --- a/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm64 +++ b/vendor/github.com/pjbgf/sha1cd/Dockerfile.arm64 @@ -1,4 +1,4 @@ -FROM golang:1.26@sha256:313faae491b410a35402c05d35e7518ae99103d957308e940e1ae2cfa0aac29b +FROM golang:1.25@sha256:31c1e53dfc1cc2d269deec9c83f58729fa3c53dc9a576f6426109d1e319e9e9a ENV GOOS=linux ENV GOARCH=arm64 diff --git a/vendor/github.com/pjbgf/sha1cd/sha1cd.go b/vendor/github.com/pjbgf/sha1cd/sha1cd.go index b8d2890a..865a995c 100644 --- a/vendor/github.com/pjbgf/sha1cd/sha1cd.go +++ b/vendor/github.com/pjbgf/sha1cd/sha1cd.go @@ -12,7 +12,6 @@ package sha1cd // Original: https://github.com/golang/go/blob/master/src/crypto/sha1/sha1.go import ( - "crypto" "encoding/binary" "errors" "hash" @@ -20,10 +19,6 @@ import ( shared "github.com/pjbgf/sha1cd/internal" ) -func init() { - crypto.RegisterHash(crypto.SHA1, New) -} - // The size of a SHA-1 checksum in bytes. const Size = shared.Size diff --git a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.go b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.go index 7b3ad25b..6b716abd 100644 --- a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.go +++ b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.go @@ -37,9 +37,9 @@ func block(dig *digest, p []byte) { chunk := p[:shared.Chunk] blockAMD64(dig.h[:], chunk, m1[:], cs[:]) - rectifyCompressionState(m1, &cs) + rectifyCompressionState(&m1, &cs) - col := checkCollision(m1, cs, dig.h) + col := checkCollision(&m1, &cs, &dig.h) if col { dig.col = true diff --git a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.s b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.s index e2725f3c..061906a9 100644 --- a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.s +++ b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_amd64.s @@ -11,11 +11,11 @@ // Reference implementations: // - https://github.com/golang/go/blob/master/src/crypto/sha1/sha1block_amd64.s +// Reverse the dword order in abcd via PSHUFD then store the 16 bytes in one +// move, instead of issuing four VPEXTRD's that each go through the store port. #define LOADCS(abcd, e, index, target) \ - VPEXTRD $3, abcd, ((index*20)+0)(target); \ - VPEXTRD $2, abcd, ((index*20)+4)(target); \ - VPEXTRD $1, abcd, ((index*20)+8)(target); \ - VPEXTRD $0, abcd, ((index*20)+12)(target); \ + VPSHUFD $0x1B, abcd, X8; \ + VMOVDQU X8, ((index*20)+0)(target); \ MOVL e, ((index*20)+16)(target); #define LOADM1(m1, index, target) \ diff --git a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_arm64.go b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_arm64.go index e641c958..f44f22da 100644 --- a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_arm64.go +++ b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_arm64.go @@ -34,8 +34,8 @@ func block(dig *digest, p []byte) { blockARM64(dig.h[:], chunk, m1[:], cs[:]) - rectifyCompressionState(m1, &cs) - col := checkCollision(m1, cs, dig.h) + rectifyCompressionState(&m1, &cs) + col := checkCollision(&m1, &cs, &dig.h) if col { dig.col = true diff --git a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_generic.go b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_generic.go index 0569a1f6..a80148eb 100644 --- a/vendor/github.com/pjbgf/sha1cd/sha1cdblock_generic.go +++ b/vendor/github.com/pjbgf/sha1cd/sha1cdblock_generic.go @@ -127,7 +127,8 @@ func blockGeneric(dig *digest, p []byte) { } if hi == 1 { - col := checkCollision(m1, cs, [shared.WordBuffers]uint32{h0, h1, h2, h3, h4}) + h := [shared.WordBuffers]uint32{h0, h1, h2, h3, h4} + col := checkCollision(&m1, &cs, &h) if col { dig.col = true hi++ @@ -143,23 +144,23 @@ func blockGeneric(dig *digest, p []byte) { //go:noinline func checkCollision( - m1 [shared.Rounds]uint32, - cs [shared.PreStepState][shared.WordBuffers]uint32, - h [shared.WordBuffers]uint32, + m1 *[shared.Rounds]uint32, + cs *[shared.PreStepState][shared.WordBuffers]uint32, + h *[shared.WordBuffers]uint32, ) bool { if mask := ubc.CalculateDvMask(m1); mask != 0 { dvs := ubc.SHA1_dvs() for i := 0; dvs[i].DvType != 0; i++ { if (mask & ((uint32)(1) << uint32(dvs[i].MaskB))) != 0 { - var csState [shared.WordBuffers]uint32 + var csState *[shared.WordBuffers]uint32 switch dvs[i].TestT { case 58: - csState = cs[1] + csState = &cs[1] case 65: - csState = cs[2] + csState = &cs[2] case 0: - csState = cs[0] + csState = &cs[0] default: panic(fmt.Sprintf("dvs data is trying to use a testT that isn't available: %d", dvs[i].TestT)) } @@ -168,7 +169,7 @@ func checkCollision( dvs[i].TestT, // testT is the step number // m2 is a secondary message created XORing with // ubc's DM prior to the SHA recompression step. - m1, dvs[i].Dm, + m1, &dvs[i].Dm, csState, h) @@ -182,8 +183,8 @@ func checkCollision( } //go:nosplit -func hasCollided(step uint32, m1, dm [shared.Rounds]uint32, - state [shared.WordBuffers]uint32, h [shared.WordBuffers]uint32) bool { +func hasCollided(step uint32, m1, dm *[shared.Rounds]uint32, + state *[shared.WordBuffers]uint32, h *[shared.WordBuffers]uint32) bool { // Intermediary Hash Value. ihv := [shared.WordBuffers]uint32{} @@ -282,7 +283,7 @@ func hasCollided(step uint32, m1, dm [shared.Rounds]uint32, // //go:nosplit func rectifyCompressionState( - m1 [shared.Rounds]uint32, + m1 *[shared.Rounds]uint32, cs *[shared.PreStepState][shared.WordBuffers]uint32, ) { if cs == nil { diff --git a/vendor/github.com/pjbgf/sha1cd/ubc/ubc.go b/vendor/github.com/pjbgf/sha1cd/ubc/ubc.go index 0da55c07..bd932051 100644 --- a/vendor/github.com/pjbgf/sha1cd/ubc/ubc.go +++ b/vendor/github.com/pjbgf/sha1cd/ubc/ubc.go @@ -29,7 +29,10 @@ type DvInfo struct { // bitconditions for that DV have been met. // //go:nosplit -func CalculateDvMask(W [80]uint32) uint32 { +func CalculateDvMask(W *[80]uint32) uint32 { + if W == nil { + return 0 + } mask := uint32(0xFFFFFFFF) mask &= (((((W[44] ^ W[45]) >> 29) & 1) - 1) | ^(DV_I_48_0_bit | DV_I_51_0_bit | DV_I_52_0_bit | DV_II_45_0_bit | DV_II_46_0_bit | DV_II_50_0_bit | DV_II_51_0_bit)) mask &= (((((W[49] ^ W[50]) >> 29) & 1) - 1) | ^(DV_I_46_0_bit | DV_II_45_0_bit | DV_II_50_0_bit | DV_II_51_0_bit | DV_II_55_0_bit | DV_II_56_0_bit)) diff --git a/vendor/golang.org/x/crypto/ssh/cipher.go b/vendor/golang.org/x/crypto/ssh/cipher.go index 7554ed57..ad2b3705 100644 --- a/vendor/golang.org/x/crypto/ssh/cipher.go +++ b/vendor/golang.org/x/crypto/ssh/cipher.go @@ -586,7 +586,7 @@ func (c *cbcCipher) writeCipherPacket(seqNum uint32, w io.Writer, rand io.Reader // Length of encrypted portion of the packet (header, payload, padding). // Enforce minimum padding and packet size. - encLength := maxUInt32(prefixLen+len(packet)+cbcMinPaddingSize, cbcMinPaddingSize) + encLength := maxUInt32(prefixLen+len(packet)+cbcMinPaddingSize, cbcMinPacketSize) // Enforce block size. encLength = (encLength + effectiveBlockSize - 1) / effectiveBlockSize * effectiveBlockSize diff --git a/vendor/golang.org/x/crypto/ssh/client_auth.go b/vendor/golang.org/x/crypto/ssh/client_auth.go index 3127e499..4f2f75c3 100644 --- a/vendor/golang.org/x/crypto/ssh/client_auth.go +++ b/vendor/golang.org/x/crypto/ssh/client_auth.go @@ -274,10 +274,14 @@ func pickSignatureAlgorithm(signer Signer, extensions map[string][]byte) (MultiA } // Filter algorithms based on those supported by MultiAlgorithmSigner. + // Iterate over the signer's algorithms first to preserve its preference order. + supportedKeyAlgos := algorithmsForKeyFormat(keyFormat) var keyAlgos []string - for _, algo := range algorithmsForKeyFormat(keyFormat) { - if slices.Contains(as.Algorithms(), underlyingAlgo(algo)) { - keyAlgos = append(keyAlgos, algo) + for _, signerAlgo := range as.Algorithms() { + if idx := slices.IndexFunc(supportedKeyAlgos, func(algo string) bool { + return underlyingAlgo(algo) == signerAlgo + }); idx >= 0 { + keyAlgos = append(keyAlgos, supportedKeyAlgos[idx]) } } diff --git a/vendor/golang.org/x/net/http2/hpack/tables.go b/vendor/golang.org/x/net/http2/hpack/tables.go index 8cbdf3f0..803fe517 100644 --- a/vendor/golang.org/x/net/http2/hpack/tables.go +++ b/vendor/golang.org/x/net/http2/hpack/tables.go @@ -6,6 +6,7 @@ package hpack import ( "fmt" + "strings" ) // headerFieldTable implements a list of HeaderFields. @@ -54,10 +55,16 @@ func (t *headerFieldTable) len() int { // addEntry adds a new entry. func (t *headerFieldTable) addEntry(f HeaderField) { + // Prevent f from escaping to the heap. + f2 := HeaderField{ + Name: strings.Clone(f.Name), + Value: strings.Clone(f.Value), + Sensitive: f.Sensitive, + } id := uint64(t.len()) + t.evictCount + 1 - t.byName[f.Name] = id - t.byNameValue[pairNameValue{f.Name, f.Value}] = id - t.ents = append(t.ents, f) + t.byName[f2.Name] = id + t.byNameValue[pairNameValue{f2.Name, f2.Value}] = id + t.ents = append(t.ents, f2) } // evictOldest evicts the n oldest entries in the table. diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go index 2e9c2f6a..19553f10 100644 --- a/vendor/golang.org/x/net/http2/transport.go +++ b/vendor/golang.org/x/net/http2/transport.go @@ -718,9 +718,6 @@ func canRetryError(err error) bool { } func (t *Transport) dialClientConn(ctx context.Context, addr string, singleUse bool) (*ClientConn, error) { - if t.transportTestHooks != nil { - return t.newClientConn(nil, singleUse, nil) - } host, _, err := net.SplitHostPort(addr) if err != nil { return nil, err @@ -2861,6 +2858,9 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error { var seenMaxConcurrentStreams bool err := f.ForeachSetting(func(s Setting) error { + if err := s.Valid(); err != nil { + return err + } switch s.ID { case SettingMaxFrameSize: cc.maxFrameSize = s.Val @@ -2892,9 +2892,6 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error { cc.henc.SetMaxDynamicTableSize(s.Val) cc.peerMaxHeaderTableSize = s.Val case SettingEnableConnectProtocol: - if err := s.Valid(); err != nil { - return err - } // If the peer wants to send us SETTINGS_ENABLE_CONNECT_PROTOCOL, // we require that it do so in the first SETTINGS frame. // diff --git a/vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.go b/vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.go index 4ee68e38..37ecc664 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.go +++ b/vendor/golang.org/x/sys/cpu/cpu_darwin_arm64_other.go @@ -6,6 +6,8 @@ package cpu +import "runtime" + func doinit() { setMinimalFeatures() diff --git a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go index 6c7c5bfd..53f814d7 100644 --- a/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go +++ b/vendor/golang.org/x/sys/cpu/cpu_other_arm64.go @@ -2,7 +2,7 @@ // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -//go:build !darwin && !linux && !netbsd && !openbsd && !windows && arm64 +//go:build !darwin && !linux && !netbsd && !openbsd && arm64 package cpu diff --git a/vendor/golang.org/x/sys/cpu/cpu_windows_arm64.go b/vendor/golang.org/x/sys/cpu/cpu_windows_arm64.go deleted file mode 100644 index d09e85a3..00000000 --- a/vendor/golang.org/x/sys/cpu/cpu_windows_arm64.go +++ /dev/null @@ -1,42 +0,0 @@ -// Copyright 2026 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package cpu - -import ( - "golang.org/x/sys/windows" -) - -func doinit() { - // set HasASIMD and HasFP to true as per - // https://learn.microsoft.com/en-us/cpp/build/arm64-windows-abi-conventions?view=msvc-170#base-requirements - // - // The ARM64 version of Windows always presupposes that it's running on an ARMv8 or later architecture. - // Both floating-point and NEON support are presumed to be present in hardware. - // - ARM64.HasASIMD = true - ARM64.HasFP = true - - if windows.IsProcessorFeaturePresent(windows.PF_ARM_V8_CRYPTO_INSTRUCTIONS_AVAILABLE) { - ARM64.HasAES = true - ARM64.HasPMULL = true - ARM64.HasSHA1 = true - ARM64.HasSHA2 = true - } - ARM64.HasSHA3 = windows.IsProcessorFeaturePresent(windows.PF_ARM_SHA3_INSTRUCTIONS_AVAILABLE) - ARM64.HasCRC32 = windows.IsProcessorFeaturePresent(windows.PF_ARM_V8_CRC32_INSTRUCTIONS_AVAILABLE) - ARM64.HasSHA512 = windows.IsProcessorFeaturePresent(windows.PF_ARM_SHA512_INSTRUCTIONS_AVAILABLE) - ARM64.HasATOMICS = windows.IsProcessorFeaturePresent(windows.PF_ARM_V81_ATOMIC_INSTRUCTIONS_AVAILABLE) - if windows.IsProcessorFeaturePresent(windows.PF_ARM_V82_DP_INSTRUCTIONS_AVAILABLE) { - ARM64.HasASIMDDP = true - ARM64.HasASIMDRDM = true - } - if windows.IsProcessorFeaturePresent(windows.PF_ARM_V83_LRCPC_INSTRUCTIONS_AVAILABLE) { - ARM64.HasLRCPC = true - ARM64.HasSM3 = true - } - ARM64.HasSVE = windows.IsProcessorFeaturePresent(windows.PF_ARM_SVE_INSTRUCTIONS_AVAILABLE) - ARM64.HasSVE2 = windows.IsProcessorFeaturePresent(windows.PF_ARM_SVE2_INSTRUCTIONS_AVAILABLE) - ARM64.HasJSCVT = windows.IsProcessorFeaturePresent(windows.PF_ARM_V83_JSCVT_INSTRUCTIONS_AVAILABLE) -} diff --git a/vendor/golang.org/x/sys/windows/dll_windows.go b/vendor/golang.org/x/sys/windows/dll_windows.go index 3ca814f5..1157b06d 100644 --- a/vendor/golang.org/x/sys/windows/dll_windows.go +++ b/vendor/golang.org/x/sys/windows/dll_windows.go @@ -163,42 +163,7 @@ func (p *Proc) Addr() uintptr { // (according to the semantics of the specific function being called) before consulting // the error. The error will be guaranteed to contain windows.Errno. func (p *Proc) Call(a ...uintptr) (r1, r2 uintptr, lastErr error) { - switch len(a) { - case 0: - return syscall.Syscall(p.Addr(), uintptr(len(a)), 0, 0, 0) - case 1: - return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], 0, 0) - case 2: - return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], a[1], 0) - case 3: - return syscall.Syscall(p.Addr(), uintptr(len(a)), a[0], a[1], a[2]) - case 4: - return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], 0, 0) - case 5: - return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], 0) - case 6: - return syscall.Syscall6(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5]) - case 7: - return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], 0, 0) - case 8: - return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], 0) - case 9: - return syscall.Syscall9(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8]) - case 10: - return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], 0, 0) - case 11: - return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], 0) - case 12: - return syscall.Syscall12(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11]) - case 13: - return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], 0, 0) - case 14: - return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], 0) - case 15: - return syscall.Syscall15(p.Addr(), uintptr(len(a)), a[0], a[1], a[2], a[3], a[4], a[5], a[6], a[7], a[8], a[9], a[10], a[11], a[12], a[13], a[14]) - default: - panic("Call " + p.Name + " with too many arguments " + itoa(len(a)) + ".") - } + return syscall.SyscallN(p.Addr(), a...) } // A LazyDLL implements access to a single DLL. diff --git a/vendor/golang.org/x/sys/windows/security_windows.go b/vendor/golang.org/x/sys/windows/security_windows.go index a8b0364c..6c955cea 100644 --- a/vendor/golang.org/x/sys/windows/security_windows.go +++ b/vendor/golang.org/x/sys/windows/security_windows.go @@ -1438,13 +1438,17 @@ func GetSecurityInfo(handle Handle, objectType SE_OBJECT_TYPE, securityInformati } // GetNamedSecurityInfo queries the security information for a given named object and returns the self-relative security -// descriptor result on the Go heap. +// descriptor result on the Go heap. The security descriptor might be nil, even when err is nil, if the object exists +// but has no security descriptor. func GetNamedSecurityInfo(objectName string, objectType SE_OBJECT_TYPE, securityInformation SECURITY_INFORMATION) (sd *SECURITY_DESCRIPTOR, err error) { var winHeapSD *SECURITY_DESCRIPTOR err = getNamedSecurityInfo(objectName, objectType, securityInformation, nil, nil, nil, nil, &winHeapSD) if err != nil { return } + if winHeapSD == nil { + return nil, nil + } defer LocalFree(Handle(unsafe.Pointer(winHeapSD))) return winHeapSD.copySelfRelativeSecurityDescriptor(), nil } diff --git a/vendor/modules.txt b/vendor/modules.txt index e873cc09..1d5e10b6 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -283,16 +283,16 @@ github.com/go-git/gcfg github.com/go-git/gcfg/scanner github.com/go-git/gcfg/token github.com/go-git/gcfg/types -# github.com/go-git/go-billy/v5 v5.8.0 -## explicit; go 1.24.0 +# github.com/go-git/go-billy/v5 v5.9.0 +## explicit; go 1.25.0 github.com/go-git/go-billy/v5 github.com/go-git/go-billy/v5/helper/chroot github.com/go-git/go-billy/v5/helper/polyfill github.com/go-git/go-billy/v5/memfs github.com/go-git/go-billy/v5/osfs github.com/go-git/go-billy/v5/util -# github.com/go-git/go-git/v5 v5.17.2 -## explicit; go 1.24.0 +# github.com/go-git/go-git/v5 v5.19.0 +## explicit; go 1.25.0 github.com/go-git/go-git/v5 github.com/go-git/go-git/v5/config github.com/go-git/go-git/v5/internal/path_util @@ -492,7 +492,7 @@ github.com/opencontainers/image-spec/specs-go/v1 ## explicit; go 1.18 # github.com/opencontainers/runtime-spec v1.1.0 ## explicit -# github.com/pjbgf/sha1cd v0.5.0 +# github.com/pjbgf/sha1cd v0.6.0 ## explicit; go 1.22 github.com/pjbgf/sha1cd github.com/pjbgf/sha1cd/internal @@ -662,7 +662,7 @@ go.yaml.in/yaml/v2 # go.yaml.in/yaml/v3 v3.0.4 ## explicit; go 1.16 go.yaml.in/yaml/v3 -# golang.org/x/crypto v0.49.0 +# golang.org/x/crypto v0.50.0 ## explicit; go 1.25.0 golang.org/x/crypto/argon2 golang.org/x/crypto/blake2b @@ -680,13 +680,13 @@ golang.org/x/crypto/ssh golang.org/x/crypto/ssh/agent golang.org/x/crypto/ssh/internal/bcrypt_pbkdf golang.org/x/crypto/ssh/knownhosts -# golang.org/x/exp v0.0.0-20260312153236-7ab1446f8b90 +# golang.org/x/exp v0.0.0-20260410095643-746e56fc9e2f ## explicit; go 1.25.0 golang.org/x/exp/slices golang.org/x/exp/slog golang.org/x/exp/slog/internal golang.org/x/exp/slog/internal/buffer -# golang.org/x/net v0.52.0 +# golang.org/x/net v0.53.0 ## explicit; go 1.25.0 golang.org/x/net/context golang.org/x/net/http/httpguts @@ -699,7 +699,7 @@ golang.org/x/net/internal/socks golang.org/x/net/internal/timeseries golang.org/x/net/proxy golang.org/x/net/trace -# golang.org/x/sys v0.42.0 +# golang.org/x/sys v0.43.0 ## explicit; go 1.25.0 golang.org/x/sys/cpu golang.org/x/sys/execabs @@ -707,10 +707,10 @@ golang.org/x/sys/plan9 golang.org/x/sys/unix golang.org/x/sys/windows golang.org/x/sys/windows/registry -# golang.org/x/term v0.41.0 +# golang.org/x/term v0.42.0 ## explicit; go 1.25.0 golang.org/x/term -# golang.org/x/text v0.35.0 +# golang.org/x/text v0.36.0 ## explicit; go 1.25.0 golang.org/x/text/cases golang.org/x/text/internal -- 2.49.0