Merge pull request #3226 from thaJeztah/bump_go_digest

vendor: opencontainers/go-digest v1.0.0
2020-08-24 10:50:21 -07:00 · 2020-08-24 10:50:21 -07:00 · fe1ffa86bc
commit fe1ffa86bc
parent 0316f34bf2 8a8d91529d
15 changed files with 87 additions and 65 deletions
--- a/go.mod
+++ b/go.mod
@ -28,7 +28,7 @@ require (
 	github.com/mitchellh/mapstructure v1.1.2
 	github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f // indirect
 	github.com/ncw/swift v1.0.47
-	github.com/opencontainers/go-digest v1.0.0-rc1
+	github.com/opencontainers/go-digest v1.0.0
 	github.com/opencontainers/image-spec v1.0.1
 	github.com/satori/go.uuid v1.2.0 // indirect
 	github.com/sirupsen/logrus v1.4.2
--- a/go.sum
+++ b/go.sum
@ -89,8 +89,8 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb
 github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
 github.com/ncw/swift v1.0.47 h1:4DQRPj35Y41WogBxyhOXlrI37nzGlyEcsforeudyYPQ=
 github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
-github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ=
+github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
-github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s=
+github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
 github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=
 github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
--- a/vendor/github.com/opencontainers/go-digest/.mailmap
+++ b/vendor/github.com/opencontainers/go-digest/.mailmap
@ -1 +1,4 @@
 Aaron Lehmann <aaronl@vitelus.com> <aaron.lehmann@docker.com>
 Derek McGowan <derek@mcg.dev> <derek@mcgstyle.net>
 Stephen J Day <stephen.day@docker.com> <stevvooe@users.noreply.github.com>
 Haibing Zhou <zhouhaibing089@gmail.com>
--- a/vendor/github.com/opencontainers/go-digest/.pullapprove.yml
+++ b/vendor/github.com/opencontainers/go-digest/.pullapprove.yml
@ -1,12 +1,28 @@
-approve_by_comment: true
+version: 2
-approve_regex: '^(Approved|lgtm|LGTM|:shipit:|:star:|:\+1:|:ship:)'
+
-reject_regex: ^Rejected
+requirements:
-reset_on_push: true
+  signed_off_by:
-author_approval: ignored
+    required: true
-signed_off_by:
+
-  required: true
+always_pending:
-reviewers:
+  title_regex: '^WIP'
-  teams:
+  explanation: 'Work in progress...'
-  - go-digest-maintainers
+
-  name: default
+group_defaults:
  required: 2
  approve_by_comment:
    enabled: true
    approve_regex: '^LGTM'
    reject_regex: '^Rejected'
  reset_on_push:
    enabled: true
  author_approval:
    ignored: true
  conditions:
    branches:
      - master
 groups:
  go-digest:
    teams:
      - go-digest-maintainers
--- a/vendor/github.com/opencontainers/go-digest/.travis.yml
+++ b/vendor/github.com/opencontainers/go-digest/.travis.yml
@ -1,4 +1,5 @@
 language: go
 go:
-  - 1.7
+  - 1.12.x
  - 1.13.x
  - master
--- a/vendor/github.com/opencontainers/go-digest/LICENSE.code
+++ b/vendor/github.com/opencontainers/go-digest/LICENSE.code
@ -176,6 +176,7 @@
   END OF TERMS AND CONDITIONS
   Copyright 2019, 2020 OCI Contributors
   Copyright 2016 Docker, Inc.
   Licensed under the Apache License, Version 2.0 (the "License");
--- a/vendor/github.com/opencontainers/go-digest/MAINTAINERS
+++ b/vendor/github.com/opencontainers/go-digest/MAINTAINERS
@ -1,9 +1,5 @@
 Aaron Lehmann <aaron.lehmann@docker.com> (@aaronlehmann)
 Brandon Philips <brandon.philips@coreos.com> (@philips)
 Brendan Burns <bburns@microsoft.com> (@brendandburns)
 Derek McGowan <derek@mcgstyle.net> (@dmcgowan)
-Jason Bouzane <jbouzane@google.com> (@jbouzane)
+Stephen Day <stevvooe@gmail.com> (@stevvooe)
-John Starks <jostarks@microsoft.com> (@jstarks)
+Vincent Batts <vbatts@hashbangbash.com> (@vbatts)
-Jonathan Boulle <jon.boulle@coreos.com> (@jonboulle)
+Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> (@AkihiroSuda)
-Stephen Day <stephen.day@docker.com> (@stevvooe)
+Sebastiaan van Stijn <github@gone.nl> (@thaJeztah)
 Vincent Batts <vbatts@redhat.com> (@vbatts)
--- a/vendor/github.com/opencontainers/go-digest/README.md
+++ b/vendor/github.com/opencontainers/go-digest/README.md
@ -8,20 +8,16 @@ Please see the [godoc](https://godoc.org/github.com/opencontainers/go-digest) fo
 # What is a digest?
-A digest is just a hash.
+A digest is just a [hash](https://en.wikipedia.org/wiki/Hash_function).
-The most common use case for a digest is to create a content
+The most common use case for a digest is to create a content identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage) systems:
 identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage)
 systems:
 ```go
 id := digest.FromBytes([]byte("my content"))
 ```
-In the example above, the id can be used to uniquely identify 
+In the example above, the id can be used to uniquely identify the byte slice "my content".
-the byte slice "my content". This allows two disparate applications
+This allows two disparate applications to agree on a verifiable identifier without having to trust one another.
 to agree on a verifiable identifier without having to trust one
 another.
 An identifying digest can be verified, as follows:
@ -31,8 +27,7 @@ if id != digest.FromBytes([]byte("my content")) {
 }
 ```
-A `Verifier` type can be used to handle cases where an `io.Reader`
+A `Verifier` type can be used to handle cases where an `io.Reader` makes more sense:
 makes more sense:
 ```go
 rd := getContent()
@ -44,33 +39,28 @@ if !verifier.Verified() {
 }
 ```
-Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this
+Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this can power a rich, safe, content distribution system.
 can power a rich, safe, content distribution system.
 # Usage
-While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is
+While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is considered the best resource, a few important items need to be called out when using this package.
 considered the best resource, a few important items need to be called 
 out when using this package.
-1. Make sure to import the hash implementations into your application
+1. Make sure to import the hash implementations into your application or the package will panic.
-    or the package will panic. You should have something like the 
+    You should have something like the following in the main (or other entrypoint) of your application:
    following in the main (or other entrypoint) of your application:
    ```go
    import (
        _ "crypto/sha256"
-   	    _ "crypto/sha512"
+        _ "crypto/sha512"
    )
    ```
    This may seem inconvenient but it allows you replace the hash 
    implementations with others, such as https://github.com/stevvooe/resumable.
-2. Even though `digest.Digest` may be assemable as a string, _always_ 
+2. Even though `digest.Digest` may be assemblable as a string, _always_ verify your input with `digest.Parse` or use `Digest.Validate` when accepting untrusted input.
-    verify your input with `digest.Parse` or use `Digest.Validate`
+    While there are measures to avoid common problems, this will ensure you have valid digests in the rest of your application.
-    when accepting untrusted input. While there are measures to 
+
-    avoid common problems, this will ensure you have valid digests
+3. While alternative encodings of hash values (digests) are possible (for example, base64), this package deals exclusively with hex-encoded digests.
    in the rest of your application.
 # Stability
@ -80,25 +70,27 @@ As always, before using a package export, read the [godoc](https://godoc.org/git
 # Contributing
-This package is considered fairly complete. It has been in production
+This package is considered fairly complete.
-in thousands (millions?) of deployments and is fairly battle-hardened.
+It has been in production in thousands (millions?) of deployments and is fairly battle-hardened.
-New additions will be met with skepticism. If you think there is a 
+New additions will be met with skepticism.
-missing feature, please file a bug clearly describing the problem and 
+If you think there is a missing feature, please file a bug clearly describing the problem and the alternatives you tried before submitting a PR.
 the alternatives you tried before submitting a PR.
-# Reporting security issues
+## Code of Conduct
-Please DO NOT file a public issue, instead send your report privately to
+Participation in the OpenContainers community is governed by [OpenContainer's Code of Conduct][code-of-conduct].
 security@opencontainers.org.
-The maintainers take security seriously. If you discover a security issue,
+## Security
 please bring it to their attention right away!
-If you are reporting a security issue, do not create an issue or file a pull
+If you find an issue, please follow the [security][security] protocol to report it.
 request on GitHub. Instead, disclose the issue responsibly by sending an email
 to security@opencontainers.org (which is inhabited only by the maintainers of
 the various OCI projects).
 # Copyright and license
-Copyright © 2016 Docker, Inc. All rights reserved, except as follows. Code is released under the [Apache 2.0 license](LICENSE.code). This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs). You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/.
+Copyright © 2019, 2020 OCI Contributors
 Copyright © 2016 Docker, Inc.
 All rights reserved, except as follows.
 Code is released under the [Apache 2.0 license](LICENSE).
 This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs).
 You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/.
 [security]: https://github.com/opencontainers/org/blob/master/security
 [code-of-conduct]: https://github.com/opencontainers/org/blob/master/CODE_OF_CONDUCT.md
--- a/vendor/github.com/opencontainers/go-digest/algorithm.go
+++ b/vendor/github.com/opencontainers/go-digest/algorithm.go
@ -1,3 +1,4 @@
 // Copyright 2019, 2020 OCI Contributors
 // Copyright 2017 Docker, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
--- a/vendor/github.com/opencontainers/go-digest/digest.go
+++ b/vendor/github.com/opencontainers/go-digest/digest.go
@ -1,3 +1,4 @@
 // Copyright 2019, 2020 OCI Contributors
 // Copyright 2017 Docker, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
--- a/vendor/github.com/opencontainers/go-digest/digester.go
+++ b/vendor/github.com/opencontainers/go-digest/digester.go
@ -1,3 +1,4 @@
 // Copyright 2019, 2020 OCI Contributors
 // Copyright 2017 Docker, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
--- a/vendor/github.com/opencontainers/go-digest/doc.go
+++ b/vendor/github.com/opencontainers/go-digest/doc.go
@ -1,3 +1,4 @@
 // Copyright 2019, 2020 OCI Contributors
 // Copyright 2017 Docker, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
@ -29,8 +30,13 @@
 //
 // 	sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc
 //
-// In this case, the string "sha256" is the algorithm and the hex bytes are
+// The "algorithm" portion defines both the hashing algorithm used to calculate
-// the "digest".
+// the digest and the encoding of the resulting digest, which defaults to "hex"
 // if not otherwise specified. Currently, all supported algorithms have their
 // digests encoded in hex strings.
 //
 // In the example above, the string "sha256" is the algorithm and the hex bytes
 // are the "digest".
 //
 // Because the Digest type is simply a string, once a valid Digest is
 // obtained, comparisons are cheap, quick and simple to express with the
--- a/vendor/github.com/opencontainers/go-digest/go.mod
+++ b/vendor/github.com/opencontainers/go-digest/go.mod
@ -0,0 +1,3 @@
 module github.com/opencontainers/go-digest
 go 1.13
--- a/vendor/github.com/opencontainers/go-digest/verifiers.go
+++ b/vendor/github.com/opencontainers/go-digest/verifiers.go
@ -1,3 +1,4 @@
 // Copyright 2019, 2020 OCI Contributors
 // Copyright 2017 Docker, Inc.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -103,7 +103,7 @@ github.com/mitchellh/mapstructure
 # github.com/ncw/swift v1.0.47
 github.com/ncw/swift
 github.com/ncw/swift/swifttest
-# github.com/opencontainers/go-digest v1.0.0-rc1
+# github.com/opencontainers/go-digest v1.0.0
 github.com/opencontainers/go-digest
 # github.com/opencontainers/image-spec v1.0.1
 github.com/opencontainers/image-spec/specs-go
		`@ -0,0 +1,3 @@`
							`module github.com/opencontainers/go-digest`

							`go 1.13`