From 1952b98ca8d732f43d5e3bfed49334959b8e4a2f Mon Sep 17 00:00:00 2001 From: smartcat999 <49057502+smartcat999@users.noreply.github.com> Date: Fri, 14 Feb 2025 11:21:19 +0800 Subject: [PATCH] fix cve with upgrade telemetry 1.0.2 and go 1.22.11 (#6367) Signed-off-by: peng wu <2030047311@qq.com> --- LICENSES/LICENSE | 4 +- build/ks-apiserver/Dockerfile | 2 +- build/ks-controller-manager/Dockerfile | 6 +- go.mod | 6 +- staging/src/kubesphere.io/api/go.mod | 2 +- staging/src/kubesphere.io/client-go/go.mod | 2 +- staging/src/kubesphere.io/utils/go.mod | 2 +- .../github.com/MakeNowJust/heredoc/README.md | 104 +++---- .../reference/helpers_deprecated.go | 34 --- .../reference/normalize_deprecated.go | 92 ------ .../reference/reference_deprecated.go | 172 ------------ .../reference/regexp_deprecated.go | 50 ---- .../distribution/reference/sort_deprecated.go | 10 - vendor/github.com/hashicorp/hcl/.gitignore | 18 +- vendor/github.com/hashicorp/hcl/Makefile | 36 +-- .../github.com/oliveagle/jsonpath/.travis.yml | 16 +- .../github.com/oliveagle/jsonpath/readme.md | 226 +++++++-------- .../loader/internal/embedtest/bar/bar.rego | 3 - .../loader/internal/embedtest/bar/bar.yaml | 1 - .../internal/embedtest/baz/qux/qux.json | 1 - .../opa/loader/internal/embedtest/foo.json | 1 - .../opencontainers/go-digest/digestset/set.go | 262 ------------------ .../sql-migrate/test-migrations/1_initial.sql | 8 - .../sql-migrate/test-migrations/2_record.sql | 5 - vendor/modules.txt | 8 +- 25 files changed, 215 insertions(+), 856 deletions(-) delete mode 100644 vendor/github.com/docker/distribution/reference/helpers_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/normalize_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/reference_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/regexp_deprecated.go delete mode 100644 vendor/github.com/docker/distribution/reference/sort_deprecated.go delete mode 100644 vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.rego delete mode 100644 vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.yaml delete mode 100644 vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/baz/qux/qux.json delete mode 100644 vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/foo.json delete mode 100644 vendor/github.com/opencontainers/go-digest/digestset/set.go delete mode 100644 vendor/github.com/rubenv/sql-migrate/test-migrations/1_initial.sql delete mode 100644 vendor/github.com/rubenv/sql-migrate/test-migrations/2_record.sql diff --git a/LICENSES/LICENSE b/LICENSES/LICENSE index 0b58ceabc..5bb7f1f77 100644 --- a/LICENSES/LICENSE +++ b/LICENSES/LICENSE @@ -21,7 +21,7 @@ KubeSphere is licensed under the Apache License 2.0, with the following addition b. Your contributed code may be utilized for commercial purposes. -3. These additional conditions apply to all versions of KubeSphere, including those without a LICENSE file prior to KubeSphere's open-sourcing. +3. These additional conditions apply exclusively to KubeSphere version 4.x and all future versions. Versions 3.4.x and earlier are not included under these terms and continue to be governed by their previous licenses. Apart from these additional conditions, all other rights and restrictions are governed by the Apache License 2.0, available at http://www.apache.org/licenses/LICENSE-2.0. @@ -41,5 +41,5 @@ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. -= LICENSE 1607c5af06ab423b8c4fa838e7ba9000 += LICENSE 123cd141a9515e60fbd64c3dbcfa9e94 ================================================================================ diff --git a/build/ks-apiserver/Dockerfile b/build/ks-apiserver/Dockerfile index d0268b8f2..3e3f2b32d 100644 --- a/build/ks-apiserver/Dockerfile +++ b/build/ks-apiserver/Dockerfile @@ -1,5 +1,5 @@ # Build -FROM golang:1.21.5 AS build_context +FROM golang:1.22.11 AS build_context ENV OUTDIR=/out RUN mkdir -p ${OUTDIR}/usr/local/bin/ diff --git a/build/ks-controller-manager/Dockerfile b/build/ks-controller-manager/Dockerfile index 108598aad..20b0d634a 100644 --- a/build/ks-controller-manager/Dockerfile +++ b/build/ks-controller-manager/Dockerfile @@ -9,14 +9,14 @@ ARG TARGETARCH ENV ARCH=$TARGETARCH -RUN curl -LO https://github.com/kubesphere/telemetry/releases/download/v1.0.0/telemetry_1.0.0_linux_${ARCH}.tar.gz && \ - tar -zxvf telemetry_1.0.0_linux_${ARCH}.tar.gz -C ${OUTDIR}/usr/local/bin/ telemetry +RUN curl -LO https://github.com/kubesphere/telemetry/releases/download/v1.0.2/telemetry_1.0.2_linux_${ARCH}.tar.gz && \ + tar -zxvf telemetry_1.0.2_linux_${ARCH}.tar.gz -C ${OUTDIR}/usr/local/bin/ telemetry # Add KS Core Helm Chart COPY config/ks-core ${OUTDIR}/var/helm-charts/ks-core # Build -FROM golang:1.21.5 AS build_context +FROM golang:1.22.11 AS build_context ENV OUTDIR=/out RUN mkdir -p ${OUTDIR}/usr/local/bin/ diff --git a/go.mod b/go.mod index 30d4a74da..b9e948e11 100644 --- a/go.mod +++ b/go.mod @@ -6,7 +6,7 @@ module kubesphere.io/kubesphere -go 1.21 +go 1.22.11 require ( code.cloudfoundry.org/bytefmt v0.0.0-20190710193110-1eb035ffe2b6 @@ -16,6 +16,7 @@ require ( github.com/aws/aws-sdk-go v1.44.187 github.com/blang/semver/v4 v4.0.0 github.com/coreos/go-oidc v2.2.1+incompatible + github.com/distribution/reference v0.5.0 github.com/docker/cli v25.0.1+incompatible github.com/docker/distribution v2.8.3+incompatible github.com/docker/docker v26.1.5+incompatible @@ -81,6 +82,7 @@ require ( kubesphere.io/api v0.0.0 kubesphere.io/client-go v0.0.0 kubesphere.io/utils v0.0.0 + oras.land/oras-go v1.2.5 sigs.k8s.io/application v0.8.3 sigs.k8s.io/controller-runtime v0.17.2 sigs.k8s.io/controller-tools v0.14.0 @@ -113,7 +115,6 @@ require ( github.com/coreos/go-systemd/v22 v22.5.0 // indirect github.com/cyphar/filepath-securejoin v0.2.4 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect - github.com/distribution/reference v0.5.0 // indirect github.com/docker/docker-credential-helpers v0.7.0 // indirect github.com/docker/go-connections v0.5.0 // indirect github.com/docker/go-metrics v0.0.1 // indirect @@ -254,7 +255,6 @@ require ( gopkg.in/yaml.v2 v2.4.0 // indirect k8s.io/gengo v0.0.0-20230829151522-9cce18d56c01 // indirect k8s.io/kms v0.29.2 // indirect - oras.land/oras-go v1.2.5 // indirect sigs.k8s.io/apiserver-network-proxy/konnectivity-client v0.28.0 // indirect sigs.k8s.io/json v0.0.0-20221116044647-bc3834ca7abd // indirect sigs.k8s.io/kustomize/api v0.13.5-0.20230601165947-6ce0bf390ce3 // indirect diff --git a/staging/src/kubesphere.io/api/go.mod b/staging/src/kubesphere.io/api/go.mod index 94163cbc8..f857dd240 100644 --- a/staging/src/kubesphere.io/api/go.mod +++ b/staging/src/kubesphere.io/api/go.mod @@ -2,7 +2,7 @@ module kubesphere.io/api -go 1.21 +go 1.22.11 require ( github.com/onsi/gomega v1.30.0 diff --git a/staging/src/kubesphere.io/client-go/go.mod b/staging/src/kubesphere.io/client-go/go.mod index f6a248835..53fdb00cb 100644 --- a/staging/src/kubesphere.io/client-go/go.mod +++ b/staging/src/kubesphere.io/client-go/go.mod @@ -2,7 +2,7 @@ module kubesphere.io/client-go -go 1.21 +go 1.22.11 require ( github.com/google/go-cmp v0.6.0 diff --git a/staging/src/kubesphere.io/utils/go.mod b/staging/src/kubesphere.io/utils/go.mod index 199406c0b..c9437150a 100644 --- a/staging/src/kubesphere.io/utils/go.mod +++ b/staging/src/kubesphere.io/utils/go.mod @@ -2,7 +2,7 @@ module kubesphere.io/utils -go 1.21 +go 1.22.11 require ( github.com/aws/aws-sdk-go v1.44.187 diff --git a/vendor/github.com/MakeNowJust/heredoc/README.md b/vendor/github.com/MakeNowJust/heredoc/README.md index 289ba31d6..e9924d297 100644 --- a/vendor/github.com/MakeNowJust/heredoc/README.md +++ b/vendor/github.com/MakeNowJust/heredoc/README.md @@ -1,52 +1,52 @@ -# heredoc - -[![Build Status](https://circleci.com/gh/MakeNowJust/heredoc.svg?style=svg)](https://circleci.com/gh/MakeNowJust/heredoc) [![GoDoc](https://godoc.org/github.com/MakeNowJusti/heredoc?status.svg)](https://godoc.org/github.com/MakeNowJust/heredoc) - -## About - -Package heredoc provides the here-document with keeping indent. - -## Install - -```console -$ go get github.com/MakeNowJust/heredoc -``` - -## Import - -```go -// usual -import "github.com/MakeNowJust/heredoc" -``` - -## Example - -```go -package main - -import ( - "fmt" - "github.com/MakeNowJust/heredoc" -) - -func main() { - fmt.Println(heredoc.Doc(` - Lorem ipsum dolor sit amet, consectetur adipisicing elit, - sed do eiusmod tempor incididunt ut labore et dolore magna - aliqua. Ut enim ad minim veniam, ... - `)) - // Output: - // Lorem ipsum dolor sit amet, consectetur adipisicing elit, - // sed do eiusmod tempor incididunt ut labore et dolore magna - // aliqua. Ut enim ad minim veniam, ... - // -} -``` - -## API Document - - - [heredoc - GoDoc](https://godoc.org/github.com/MakeNowJust/heredoc) - -## License - -This software is released under the MIT License, see LICENSE. +# heredoc + +[![Build Status](https://circleci.com/gh/MakeNowJust/heredoc.svg?style=svg)](https://circleci.com/gh/MakeNowJust/heredoc) [![GoDoc](https://godoc.org/github.com/MakeNowJusti/heredoc?status.svg)](https://godoc.org/github.com/MakeNowJust/heredoc) + +## About + +Package heredoc provides the here-document with keeping indent. + +## Install + +```console +$ go get github.com/MakeNowJust/heredoc +``` + +## Import + +```go +// usual +import "github.com/MakeNowJust/heredoc" +``` + +## Example + +```go +package main + +import ( + "fmt" + "github.com/MakeNowJust/heredoc" +) + +func main() { + fmt.Println(heredoc.Doc(` + Lorem ipsum dolor sit amet, consectetur adipisicing elit, + sed do eiusmod tempor incididunt ut labore et dolore magna + aliqua. Ut enim ad minim veniam, ... + `)) + // Output: + // Lorem ipsum dolor sit amet, consectetur adipisicing elit, + // sed do eiusmod tempor incididunt ut labore et dolore magna + // aliqua. Ut enim ad minim veniam, ... + // +} +``` + +## API Document + + - [heredoc - GoDoc](https://godoc.org/github.com/MakeNowJust/heredoc) + +## License + +This software is released under the MIT License, see LICENSE. diff --git a/vendor/github.com/docker/distribution/reference/helpers_deprecated.go b/vendor/github.com/docker/distribution/reference/helpers_deprecated.go deleted file mode 100644 index cbd119250..000000000 --- a/vendor/github.com/docker/distribution/reference/helpers_deprecated.go +++ /dev/null @@ -1,34 +0,0 @@ -package reference - -import "github.com/distribution/reference" - -// IsNameOnly returns true if reference only contains a repo name. -// -// Deprecated: use [reference.IsNameOnly]. -func IsNameOnly(ref reference.Named) bool { - return reference.IsNameOnly(ref) -} - -// FamiliarName returns the familiar name string -// for the given named, familiarizing if needed. -// -// Deprecated: use [reference.FamiliarName]. -func FamiliarName(ref reference.Named) string { - return reference.FamiliarName(ref) -} - -// FamiliarString returns the familiar string representation -// for the given reference, familiarizing if needed. -// -// Deprecated: use [reference.FamiliarString]. -func FamiliarString(ref reference.Reference) string { - return reference.FamiliarString(ref) -} - -// FamiliarMatch reports whether ref matches the specified pattern. -// See [path.Match] for supported patterns. -// -// Deprecated: use [reference.FamiliarMatch]. -func FamiliarMatch(pattern string, ref reference.Reference) (bool, error) { - return reference.FamiliarMatch(pattern, ref) -} diff --git a/vendor/github.com/docker/distribution/reference/normalize_deprecated.go b/vendor/github.com/docker/distribution/reference/normalize_deprecated.go deleted file mode 100644 index 1b4a459d7..000000000 --- a/vendor/github.com/docker/distribution/reference/normalize_deprecated.go +++ /dev/null @@ -1,92 +0,0 @@ -package reference - -import ( - "regexp" - - "github.com/distribution/reference" - "github.com/opencontainers/go-digest" - "github.com/opencontainers/go-digest/digestset" -) - -// ParseNormalizedNamed parses a string into a named reference -// transforming a familiar name from Docker UI to a fully -// qualified reference. If the value may be an identifier -// use ParseAnyReference. -// -// Deprecated: use [reference.ParseNormalizedNamed]. -func ParseNormalizedNamed(s string) (reference.Named, error) { - return reference.ParseNormalizedNamed(s) -} - -// ParseDockerRef normalizes the image reference following the docker convention, -// which allows for references to contain both a tag and a digest. -// -// Deprecated: use [reference.ParseDockerRef]. -func ParseDockerRef(ref string) (reference.Named, error) { - return reference.ParseDockerRef(ref) -} - -// TagNameOnly adds the default tag "latest" to a reference if it only has -// a repo name. -// -// Deprecated: use [reference.TagNameOnly]. -func TagNameOnly(ref reference.Named) reference.Named { - return reference.TagNameOnly(ref) -} - -// ParseAnyReference parses a reference string as a possible identifier, -// full digest, or familiar name. -// -// Deprecated: use [reference.ParseAnyReference]. -func ParseAnyReference(ref string) (reference.Reference, error) { - return reference.ParseAnyReference(ref) -} - -// Functions and types below have been removed in distribution v3 and -// have not been ported to github.com/distribution/reference. See -// https://github.com/distribution/distribution/pull/3774 - -var ( - // ShortIdentifierRegexp is the format used to represent a prefix - // of an identifier. A prefix may be used to match a sha256 identifier - // within a list of trusted identifiers. - // - // Deprecated: support for short-identifiers is deprecated, and will be removed in v3. - ShortIdentifierRegexp = regexp.MustCompile(shortIdentifier) - - shortIdentifier = `([a-f0-9]{6,64})` - - // anchoredShortIdentifierRegexp is used to check if a value - // is a possible identifier prefix, anchored at start and end - // of string. - anchoredShortIdentifierRegexp = regexp.MustCompile(`^` + shortIdentifier + `$`) -) - -type digestReference digest.Digest - -func (d digestReference) String() string { - return digest.Digest(d).String() -} - -func (d digestReference) Digest() digest.Digest { - return digest.Digest(d) -} - -// ParseAnyReferenceWithSet parses a reference string as a possible short -// identifier to be matched in a digest set, a full digest, or familiar name. -// -// Deprecated: support for short-identifiers is deprecated, and will be removed in v3. -func ParseAnyReferenceWithSet(ref string, ds *digestset.Set) (Reference, error) { - if ok := anchoredShortIdentifierRegexp.MatchString(ref); ok { - dgst, err := ds.Lookup(ref) - if err == nil { - return digestReference(dgst), nil - } - } else { - if dgst, err := digest.Parse(ref); err == nil { - return digestReference(dgst), nil - } - } - - return reference.ParseNormalizedNamed(ref) -} diff --git a/vendor/github.com/docker/distribution/reference/reference_deprecated.go b/vendor/github.com/docker/distribution/reference/reference_deprecated.go deleted file mode 100644 index 5b732498e..000000000 --- a/vendor/github.com/docker/distribution/reference/reference_deprecated.go +++ /dev/null @@ -1,172 +0,0 @@ -// Package reference is deprecated, and has moved to github.com/distribution/reference. -// -// Deprecated: use github.com/distribution/reference instead. -package reference - -import ( - "github.com/distribution/reference" - "github.com/opencontainers/go-digest" -) - -const ( - // NameTotalLengthMax is the maximum total number of characters in a repository name. - // - // Deprecated: use [reference.NameTotalLengthMax]. - NameTotalLengthMax = reference.NameTotalLengthMax -) - -var ( - // ErrReferenceInvalidFormat represents an error while trying to parse a string as a reference. - // - // Deprecated: use [reference.ErrReferenceInvalidFormat]. - ErrReferenceInvalidFormat = reference.ErrReferenceInvalidFormat - - // ErrTagInvalidFormat represents an error while trying to parse a string as a tag. - // - // Deprecated: use [reference.ErrTagInvalidFormat]. - ErrTagInvalidFormat = reference.ErrTagInvalidFormat - - // ErrDigestInvalidFormat represents an error while trying to parse a string as a tag. - // - // Deprecated: use [reference.ErrDigestInvalidFormat]. - ErrDigestInvalidFormat = reference.ErrDigestInvalidFormat - - // ErrNameContainsUppercase is returned for invalid repository names that contain uppercase characters. - // - // Deprecated: use [reference.ErrNameContainsUppercase]. - ErrNameContainsUppercase = reference.ErrNameContainsUppercase - - // ErrNameEmpty is returned for empty, invalid repository names. - // - // Deprecated: use [reference.ErrNameEmpty]. - ErrNameEmpty = reference.ErrNameEmpty - - // ErrNameTooLong is returned when a repository name is longer than NameTotalLengthMax. - // - // Deprecated: use [reference.ErrNameTooLong]. - ErrNameTooLong = reference.ErrNameTooLong - - // ErrNameNotCanonical is returned when a name is not canonical. - // - // Deprecated: use [reference.ErrNameNotCanonical]. - ErrNameNotCanonical = reference.ErrNameNotCanonical -) - -// Reference is an opaque object reference identifier that may include -// modifiers such as a hostname, name, tag, and digest. -// -// Deprecated: use [reference.Reference]. -type Reference = reference.Reference - -// Field provides a wrapper type for resolving correct reference types when -// working with encoding. -// -// Deprecated: use [reference.Field]. -type Field = reference.Field - -// AsField wraps a reference in a Field for encoding. -// -// Deprecated: use [reference.AsField]. -func AsField(ref reference.Reference) reference.Field { - return reference.AsField(ref) -} - -// Named is an object with a full name -// -// Deprecated: use [reference.Named]. -type Named = reference.Named - -// Tagged is an object which has a tag -// -// Deprecated: use [reference.Tagged]. -type Tagged = reference.Tagged - -// NamedTagged is an object including a name and tag. -// -// Deprecated: use [reference.NamedTagged]. -type NamedTagged reference.NamedTagged - -// Digested is an object which has a digest -// in which it can be referenced by -// -// Deprecated: use [reference.Digested]. -type Digested reference.Digested - -// Canonical reference is an object with a fully unique -// name including a name with domain and digest -// -// Deprecated: use [reference.Canonical]. -type Canonical reference.Canonical - -// Domain returns the domain part of the [Named] reference. -// -// Deprecated: use [reference.Domain]. -func Domain(named reference.Named) string { - return reference.Domain(named) -} - -// Path returns the name without the domain part of the [Named] reference. -// -// Deprecated: use [reference.Path]. -func Path(named reference.Named) (name string) { - return reference.Path(named) -} - -// SplitHostname splits a named reference into a -// hostname and name string. If no valid hostname is -// found, the hostname is empty and the full value -// is returned as name -// -// Deprecated: Use [reference.Domain] or [reference.Path]. -func SplitHostname(named reference.Named) (string, string) { - return reference.SplitHostname(named) -} - -// Parse parses s and returns a syntactically valid Reference. -// If an error was encountered it is returned, along with a nil Reference. -// -// Deprecated: use [reference.Parse]. -func Parse(s string) (reference.Reference, error) { - return reference.Parse(s) -} - -// ParseNamed parses s and returns a syntactically valid reference implementing -// the Named interface. The reference must have a name and be in the canonical -// form, otherwise an error is returned. -// If an error was encountered it is returned, along with a nil Reference. -// -// Deprecated: use [reference.ParseNamed]. -func ParseNamed(s string) (reference.Named, error) { - return reference.ParseNamed(s) -} - -// WithName returns a named object representing the given string. If the input -// is invalid ErrReferenceInvalidFormat will be returned. -// -// Deprecated: use [reference.WithName]. -func WithName(name string) (reference.Named, error) { - return reference.WithName(name) -} - -// WithTag combines the name from "name" and the tag from "tag" to form a -// reference incorporating both the name and the tag. -// -// Deprecated: use [reference.WithTag]. -func WithTag(name reference.Named, tag string) (reference.NamedTagged, error) { - return reference.WithTag(name, tag) -} - -// WithDigest combines the name from "name" and the digest from "digest" to form -// a reference incorporating both the name and the digest. -// -// Deprecated: use [reference.WithDigest]. -func WithDigest(name reference.Named, digest digest.Digest) (reference.Canonical, error) { - return reference.WithDigest(name, digest) -} - -// TrimNamed removes any tag or digest from the named reference. -// -// Deprecated: use [reference.TrimNamed]. -func TrimNamed(ref reference.Named) reference.Named { - return reference.TrimNamed(ref) -} diff --git a/vendor/github.com/docker/distribution/reference/regexp_deprecated.go b/vendor/github.com/docker/distribution/reference/regexp_deprecated.go deleted file mode 100644 index 4b9c1b58e..000000000 --- a/vendor/github.com/docker/distribution/reference/regexp_deprecated.go +++ /dev/null @@ -1,50 +0,0 @@ -package reference - -import ( - "github.com/distribution/reference" -) - -// DigestRegexp matches well-formed digests, including algorithm (e.g. "sha256:"). -// -// Deprecated: use [reference.DigestRegexp]. -var DigestRegexp = reference.DigestRegexp - -// DomainRegexp matches hostname or IP-addresses, optionally including a port -// number. It defines the structure of potential domain components that may be -// part of image names. This is purposely a subset of what is allowed by DNS to -// ensure backwards compatibility with Docker image names. It may be a subset of -// DNS domain name, an IPv4 address in decimal format, or an IPv6 address between -// square brackets (excluding zone identifiers as defined by [RFC 6874] or special -// addresses such as IPv4-Mapped). -// -// Deprecated: use [reference.DomainRegexp]. -// -// [RFC 6874]: https://www.rfc-editor.org/rfc/rfc6874. -var DomainRegexp = reference.DigestRegexp - -// IdentifierRegexp is the format for string identifier used as a -// content addressable identifier using sha256. These identifiers -// are like digests without the algorithm, since sha256 is used. -// -// Deprecated: use [reference.IdentifierRegexp]. -var IdentifierRegexp = reference.IdentifierRegexp - -// NameRegexp is the format for the name component of references, including -// an optional domain and port, but without tag or digest suffix. -// -// Deprecated: use [reference.NameRegexp]. -var NameRegexp = reference.NameRegexp - -// ReferenceRegexp is the full supported format of a reference. The regexp -// is anchored and has capturing groups for name, tag, and digest -// components. -// -// Deprecated: use [reference.ReferenceRegexp]. -var ReferenceRegexp = reference.ReferenceRegexp - -// TagRegexp matches valid tag names. From [docker/docker:graph/tags.go]. -// -// Deprecated: use [reference.TagRegexp]. -// -// [docker/docker:graph/tags.go]: https://github.com/moby/moby/blob/v1.6.0/graph/tags.go#L26-L28 -var TagRegexp = reference.TagRegexp diff --git a/vendor/github.com/docker/distribution/reference/sort_deprecated.go b/vendor/github.com/docker/distribution/reference/sort_deprecated.go deleted file mode 100644 index a73251b6f..000000000 --- a/vendor/github.com/docker/distribution/reference/sort_deprecated.go +++ /dev/null @@ -1,10 +0,0 @@ -package reference - -import "github.com/distribution/reference" - -// Sort sorts string references preferring higher information references. -// -// Deprecated: use [reference.Sort]. -func Sort(references []string) []string { - return reference.Sort(references) -} diff --git a/vendor/github.com/hashicorp/hcl/.gitignore b/vendor/github.com/hashicorp/hcl/.gitignore index 822fa09f5..15586a2b5 100644 --- a/vendor/github.com/hashicorp/hcl/.gitignore +++ b/vendor/github.com/hashicorp/hcl/.gitignore @@ -1,9 +1,9 @@ -y.output - -# ignore intellij files -.idea -*.iml -*.ipr -*.iws - -*.test +y.output + +# ignore intellij files +.idea +*.iml +*.ipr +*.iws + +*.test diff --git a/vendor/github.com/hashicorp/hcl/Makefile b/vendor/github.com/hashicorp/hcl/Makefile index 9fafd5017..84fd743f5 100644 --- a/vendor/github.com/hashicorp/hcl/Makefile +++ b/vendor/github.com/hashicorp/hcl/Makefile @@ -1,18 +1,18 @@ -TEST?=./... - -default: test - -fmt: generate - go fmt ./... - -test: generate - go get -t ./... - go test $(TEST) $(TESTARGS) - -generate: - go generate ./... - -updatedeps: - go get -u golang.org/x/tools/cmd/stringer - -.PHONY: default generate test updatedeps +TEST?=./... + +default: test + +fmt: generate + go fmt ./... + +test: generate + go get -t ./... + go test $(TEST) $(TESTARGS) + +generate: + go generate ./... + +updatedeps: + go get -u golang.org/x/tools/cmd/stringer + +.PHONY: default generate test updatedeps diff --git a/vendor/github.com/oliveagle/jsonpath/.travis.yml b/vendor/github.com/oliveagle/jsonpath/.travis.yml index f7e5a74d8..abf693ce9 100644 --- a/vendor/github.com/oliveagle/jsonpath/.travis.yml +++ b/vendor/github.com/oliveagle/jsonpath/.travis.yml @@ -1,8 +1,8 @@ -language: go - -go: - - 1.5 - - 1.5.1 - - 1.6.2 - -os: linux +language: go + +go: + - 1.5 + - 1.5.1 + - 1.6.2 + +os: linux diff --git a/vendor/github.com/oliveagle/jsonpath/readme.md b/vendor/github.com/oliveagle/jsonpath/readme.md index 37ee7dcd4..a8ee2dbfa 100644 --- a/vendor/github.com/oliveagle/jsonpath/readme.md +++ b/vendor/github.com/oliveagle/jsonpath/readme.md @@ -1,114 +1,114 @@ -JsonPath ----------------- - -![Build Status](https://travis-ci.org/oliveagle/jsonpath.svg?branch=master) - -A golang implementation of JsonPath syntax. -follow the majority rules in http://goessner.net/articles/JsonPath/ -but also with some minor differences. - -this library is till bleeding edge, so use it at your own risk. :D - -**Golang Version Required**: 1.5+ - -Get Started ------------- - -```bash -go get github.com/oliveagle/jsonpath -``` - -example code: - -```go -import ( - "github.com/oliveagle/jsonpath" - "encoding/json" -) - -var json_data interface{} -json.Unmarshal([]byte(data), &json_data) - -res, err := jsonpath.JsonPathLookup(json_data, "$.expensive") - -//or reuse lookup pattern -pat, _ := jsonpath.Compile(`$.store.book[?(@.price < $.expensive)].price`) -res, err := pat.Lookup(json_data) -``` - -Operators --------- -referenced from github.com/jayway/JsonPath - -| Operator | Supported | Description | -| ---- | :---: | ---------- | -| $ | Y | The root element to query. This starts all path expressions. | -| @ | Y | The current node being processed by a filter predicate. | -| * | X | Wildcard. Available anywhere a name or numeric are required. | -| .. | X | Deep scan. Available anywhere a name is required. | -| . | Y | Dot-notated child | -| ['' (, '')] | X | Bracket-notated child or children | -| [ (, )] | Y | Array index or indexes | -| [start:end] | Y | Array slice operator | -| [?()] | Y | Filter expression. Expression must evaluate to a boolean value. | - -Examples --------- -given these example data. - -```javascript -{ - "store": { - "book": [ - { - "category": "reference", - "author": "Nigel Rees", - "title": "Sayings of the Century", - "price": 8.95 - }, - { - "category": "fiction", - "author": "Evelyn Waugh", - "title": "Sword of Honour", - "price": 12.99 - }, - { - "category": "fiction", - "author": "Herman Melville", - "title": "Moby Dick", - "isbn": "0-553-21311-3", - "price": 8.99 - }, - { - "category": "fiction", - "author": "J. R. R. Tolkien", - "title": "The Lord of the Rings", - "isbn": "0-395-19395-8", - "price": 22.99 - } - ], - "bicycle": { - "color": "red", - "price": 19.95 - } - }, - "expensive": 10 -} -``` -example json path syntax. ----- - -| jsonpath | result| -| :--------- | :-------| -| $.expensive | 10| -| $.store.book[0].price | 8.95| -| $.store.book[-1].isbn | "0-395-19395-8"| -| $.store.book[0,1].price | [8.95, 12.99] | -| $.store.book[0:2].price | [8.95, 12.99, 8.99]| -| $.store.book[?(@.isbn)].price | [8.99, 22.99] | -| $.store.book[?(@.price > 10)].title | ["Sword of Honour", "The Lord of the Rings"]| -| $.store.book[?(@.price < $.expensive)].price | [8.95, 8.99] | -| $.store.book[:].price | [8.9.5, 12.99, 8.9.9, 22.99] | -| $.store.book[?(@.author =~ /(?i).*REES/)].author | "Nigel Rees" | - +JsonPath +---------------- + +![Build Status](https://travis-ci.org/oliveagle/jsonpath.svg?branch=master) + +A golang implementation of JsonPath syntax. +follow the majority rules in http://goessner.net/articles/JsonPath/ +but also with some minor differences. + +this library is till bleeding edge, so use it at your own risk. :D + +**Golang Version Required**: 1.5+ + +Get Started +------------ + +```bash +go get github.com/oliveagle/jsonpath +``` + +example code: + +```go +import ( + "github.com/oliveagle/jsonpath" + "encoding/json" +) + +var json_data interface{} +json.Unmarshal([]byte(data), &json_data) + +res, err := jsonpath.JsonPathLookup(json_data, "$.expensive") + +//or reuse lookup pattern +pat, _ := jsonpath.Compile(`$.store.book[?(@.price < $.expensive)].price`) +res, err := pat.Lookup(json_data) +``` + +Operators +-------- +referenced from github.com/jayway/JsonPath + +| Operator | Supported | Description | +| ---- | :---: | ---------- | +| $ | Y | The root element to query. This starts all path expressions. | +| @ | Y | The current node being processed by a filter predicate. | +| * | X | Wildcard. Available anywhere a name or numeric are required. | +| .. | X | Deep scan. Available anywhere a name is required. | +| . | Y | Dot-notated child | +| ['' (, '')] | X | Bracket-notated child or children | +| [ (, )] | Y | Array index or indexes | +| [start:end] | Y | Array slice operator | +| [?()] | Y | Filter expression. Expression must evaluate to a boolean value. | + +Examples +-------- +given these example data. + +```javascript +{ + "store": { + "book": [ + { + "category": "reference", + "author": "Nigel Rees", + "title": "Sayings of the Century", + "price": 8.95 + }, + { + "category": "fiction", + "author": "Evelyn Waugh", + "title": "Sword of Honour", + "price": 12.99 + }, + { + "category": "fiction", + "author": "Herman Melville", + "title": "Moby Dick", + "isbn": "0-553-21311-3", + "price": 8.99 + }, + { + "category": "fiction", + "author": "J. R. R. Tolkien", + "title": "The Lord of the Rings", + "isbn": "0-395-19395-8", + "price": 22.99 + } + ], + "bicycle": { + "color": "red", + "price": 19.95 + } + }, + "expensive": 10 +} +``` +example json path syntax. +---- + +| jsonpath | result| +| :--------- | :-------| +| $.expensive | 10| +| $.store.book[0].price | 8.95| +| $.store.book[-1].isbn | "0-395-19395-8"| +| $.store.book[0,1].price | [8.95, 12.99] | +| $.store.book[0:2].price | [8.95, 12.99, 8.99]| +| $.store.book[?(@.isbn)].price | [8.99, 22.99] | +| $.store.book[?(@.price > 10)].title | ["Sword of Honour", "The Lord of the Rings"]| +| $.store.book[?(@.price < $.expensive)].price | [8.95, 8.99] | +| $.store.book[:].price | [8.9.5, 12.99, 8.9.9, 22.99] | +| $.store.book[?(@.author =~ /(?i).*REES/)].author | "Nigel Rees" | + > Note: golang support regular expression flags in form of `(?imsU)pattern` \ No newline at end of file diff --git a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.rego b/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.rego deleted file mode 100644 index 08bbfb0ac..000000000 --- a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.rego +++ /dev/null @@ -1,3 +0,0 @@ -package bar - -p = true { true } diff --git a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.yaml b/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.yaml deleted file mode 100644 index 8baef1b4a..000000000 --- a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/bar/bar.yaml +++ /dev/null @@ -1 +0,0 @@ -abc diff --git a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/baz/qux/qux.json b/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/baz/qux/qux.json deleted file mode 100644 index 19765bd50..000000000 --- a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/baz/qux/qux.json +++ /dev/null @@ -1 +0,0 @@ -null diff --git a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/foo.json b/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/foo.json deleted file mode 100644 index 3cc0ecbed..000000000 --- a/vendor/github.com/open-policy-agent/opa/loader/internal/embedtest/foo.json +++ /dev/null @@ -1 +0,0 @@ -[1,2,3] diff --git a/vendor/github.com/opencontainers/go-digest/digestset/set.go b/vendor/github.com/opencontainers/go-digest/digestset/set.go deleted file mode 100644 index 71f24184c..000000000 --- a/vendor/github.com/opencontainers/go-digest/digestset/set.go +++ /dev/null @@ -1,262 +0,0 @@ -// Copyright 2020, 2020 OCI Contributors -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digestset - -import ( - "errors" - "sort" - "strings" - "sync" - - digest "github.com/opencontainers/go-digest" -) - -var ( - // ErrDigestNotFound is used when a matching digest - // could not be found in a set. - ErrDigestNotFound = errors.New("digest not found") - - // ErrDigestAmbiguous is used when multiple digests - // are found in a set. None of the matching digests - // should be considered valid matches. - ErrDigestAmbiguous = errors.New("ambiguous digest string") -) - -// Set is used to hold a unique set of digests which -// may be easily referenced by easily referenced by a string -// representation of the digest as well as short representation. -// The uniqueness of the short representation is based on other -// digests in the set. If digests are omitted from this set, -// collisions in a larger set may not be detected, therefore it -// is important to always do short representation lookups on -// the complete set of digests. To mitigate collisions, an -// appropriately long short code should be used. -type Set struct { - mutex sync.RWMutex - entries digestEntries -} - -// NewSet creates an empty set of digests -// which may have digests added. -func NewSet() *Set { - return &Set{ - entries: digestEntries{}, - } -} - -// checkShortMatch checks whether two digests match as either whole -// values or short values. This function does not test equality, -// rather whether the second value could match against the first -// value. -func checkShortMatch(alg digest.Algorithm, hex, shortAlg, shortHex string) bool { - if len(hex) == len(shortHex) { - if hex != shortHex { - return false - } - if len(shortAlg) > 0 && string(alg) != shortAlg { - return false - } - } else if !strings.HasPrefix(hex, shortHex) { - return false - } else if len(shortAlg) > 0 && string(alg) != shortAlg { - return false - } - return true -} - -// Lookup looks for a digest matching the given string representation. -// If no digests could be found ErrDigestNotFound will be returned -// with an empty digest value. If multiple matches are found -// ErrDigestAmbiguous will be returned with an empty digest value. -func (dst *Set) Lookup(d string) (digest.Digest, error) { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - if len(dst.entries) == 0 { - return "", ErrDigestNotFound - } - var ( - searchFunc func(int) bool - alg digest.Algorithm - hex string - ) - dgst, err := digest.Parse(d) - if err == digest.ErrDigestInvalidFormat { - hex = d - searchFunc = func(i int) bool { - return dst.entries[i].val >= d - } - } else { - hex = dgst.Hex() - alg = dgst.Algorithm() - searchFunc = func(i int) bool { - if dst.entries[i].val == hex { - return dst.entries[i].alg >= alg - } - return dst.entries[i].val >= hex - } - } - idx := sort.Search(len(dst.entries), searchFunc) - if idx == len(dst.entries) || !checkShortMatch(dst.entries[idx].alg, dst.entries[idx].val, string(alg), hex) { - return "", ErrDigestNotFound - } - if dst.entries[idx].alg == alg && dst.entries[idx].val == hex { - return dst.entries[idx].digest, nil - } - if idx+1 < len(dst.entries) && checkShortMatch(dst.entries[idx+1].alg, dst.entries[idx+1].val, string(alg), hex) { - return "", ErrDigestAmbiguous - } - - return dst.entries[idx].digest, nil -} - -// Add adds the given digest to the set. An error will be returned -// if the given digest is invalid. If the digest already exists in the -// set, this operation will be a no-op. -func (dst *Set) Add(d digest.Digest) error { - if err := d.Validate(); err != nil { - return err - } - dst.mutex.Lock() - defer dst.mutex.Unlock() - entry := &digestEntry{alg: d.Algorithm(), val: d.Hex(), digest: d} - searchFunc := func(i int) bool { - if dst.entries[i].val == entry.val { - return dst.entries[i].alg >= entry.alg - } - return dst.entries[i].val >= entry.val - } - idx := sort.Search(len(dst.entries), searchFunc) - if idx == len(dst.entries) { - dst.entries = append(dst.entries, entry) - return nil - } else if dst.entries[idx].digest == d { - return nil - } - - entries := append(dst.entries, nil) - copy(entries[idx+1:], entries[idx:len(entries)-1]) - entries[idx] = entry - dst.entries = entries - return nil -} - -// Remove removes the given digest from the set. An err will be -// returned if the given digest is invalid. If the digest does -// not exist in the set, this operation will be a no-op. -func (dst *Set) Remove(d digest.Digest) error { - if err := d.Validate(); err != nil { - return err - } - dst.mutex.Lock() - defer dst.mutex.Unlock() - entry := &digestEntry{alg: d.Algorithm(), val: d.Hex(), digest: d} - searchFunc := func(i int) bool { - if dst.entries[i].val == entry.val { - return dst.entries[i].alg >= entry.alg - } - return dst.entries[i].val >= entry.val - } - idx := sort.Search(len(dst.entries), searchFunc) - // Not found if idx is after or value at idx is not digest - if idx == len(dst.entries) || dst.entries[idx].digest != d { - return nil - } - - entries := dst.entries - copy(entries[idx:], entries[idx+1:]) - entries = entries[:len(entries)-1] - dst.entries = entries - - return nil -} - -// All returns all the digests in the set -func (dst *Set) All() []digest.Digest { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - retValues := make([]digest.Digest, len(dst.entries)) - for i := range dst.entries { - retValues[i] = dst.entries[i].digest - } - - return retValues -} - -// ShortCodeTable returns a map of Digest to unique short codes. The -// length represents the minimum value, the maximum length may be the -// entire value of digest if uniqueness cannot be achieved without the -// full value. This function will attempt to make short codes as short -// as possible to be unique. -func ShortCodeTable(dst *Set, length int) map[digest.Digest]string { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - m := make(map[digest.Digest]string, len(dst.entries)) - l := length - resetIdx := 0 - for i := 0; i < len(dst.entries); i++ { - var short string - extended := true - for extended { - extended = false - if len(dst.entries[i].val) <= l { - short = dst.entries[i].digest.String() - } else { - short = dst.entries[i].val[:l] - for j := i + 1; j < len(dst.entries); j++ { - if checkShortMatch(dst.entries[j].alg, dst.entries[j].val, "", short) { - if j > resetIdx { - resetIdx = j - } - extended = true - } else { - break - } - } - if extended { - l++ - } - } - } - m[dst.entries[i].digest] = short - if i >= resetIdx { - l = length - } - } - return m -} - -type digestEntry struct { - alg digest.Algorithm - val string - digest digest.Digest -} - -type digestEntries []*digestEntry - -func (d digestEntries) Len() int { - return len(d) -} - -func (d digestEntries) Less(i, j int) bool { - if d[i].val != d[j].val { - return d[i].val < d[j].val - } - return d[i].alg < d[j].alg -} - -func (d digestEntries) Swap(i, j int) { - d[i], d[j] = d[j], d[i] -} diff --git a/vendor/github.com/rubenv/sql-migrate/test-migrations/1_initial.sql b/vendor/github.com/rubenv/sql-migrate/test-migrations/1_initial.sql deleted file mode 100644 index cd896fbd7..000000000 --- a/vendor/github.com/rubenv/sql-migrate/test-migrations/1_initial.sql +++ /dev/null @@ -1,8 +0,0 @@ --- +migrate Up --- SQL in section 'Up' is executed when this migration is applied -CREATE TABLE people (id int); - - --- +migrate Down --- SQL section 'Down' is executed when this migration is rolled back -DROP TABLE people; diff --git a/vendor/github.com/rubenv/sql-migrate/test-migrations/2_record.sql b/vendor/github.com/rubenv/sql-migrate/test-migrations/2_record.sql deleted file mode 100644 index c76d7691b..000000000 --- a/vendor/github.com/rubenv/sql-migrate/test-migrations/2_record.sql +++ /dev/null @@ -1,5 +0,0 @@ --- +migrate Up -INSERT INTO people (id) VALUES (1); - --- +migrate Down -DELETE FROM people WHERE id=1; diff --git a/vendor/modules.txt b/vendor/modules.txt index aebad1cb2..853eb478a 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -215,7 +215,6 @@ github.com/docker/distribution github.com/docker/distribution/manifest github.com/docker/distribution/manifest/schema2 github.com/docker/distribution/metrics -github.com/docker/distribution/reference github.com/docker/distribution/registry/api/errcode github.com/docker/distribution/registry/api/v2 github.com/docker/distribution/registry/client @@ -845,7 +844,6 @@ github.com/open-policy-agent/opa/version # github.com/opencontainers/go-digest v1.0.0 => github.com/opencontainers/go-digest v1.0.0 ## explicit; go 1.13 github.com/opencontainers/go-digest -github.com/opencontainers/go-digest/digestset # github.com/opencontainers/image-spec v1.1.0-rc6 => github.com/opencontainers/image-spec v1.1.0-rc5 ## explicit; go 1.18 github.com/opencontainers/image-spec/specs-go @@ -2198,7 +2196,7 @@ k8s.io/utils/ptr k8s.io/utils/strings/slices k8s.io/utils/trace # kubesphere.io/api v0.0.0 => ./staging/src/kubesphere.io/api -## explicit; go 1.21 +## explicit; go 1.22.11 kubesphere.io/api/application/v2 kubesphere.io/api/cluster/v1alpha1 kubesphere.io/api/constants @@ -2212,11 +2210,11 @@ kubesphere.io/api/tenant/v1alpha1 kubesphere.io/api/tenant/v1alpha2 kubesphere.io/api/tenant/v1beta1 # kubesphere.io/client-go v0.0.0 => ./staging/src/kubesphere.io/client-go -## explicit; go 1.21 +## explicit; go 1.22.11 kubesphere.io/client-go/kubesphere/scheme kubesphere.io/client-go/rest # kubesphere.io/utils v0.0.0 => ./staging/src/kubesphere.io/utils -## explicit; go 1.21 +## explicit; go 1.22.11 kubesphere.io/utils/helm kubesphere.io/utils/s3 # oras.land/oras-go v1.2.5 => oras.land/oras-go v1.2.5