
Commit 90ac7c1

security: patch docker and testing-containers (#1162)
Signed-off-by: Miguel <miguel@chainloop.dev>
1 parent a2b9127 commit 90ac7c1

2 files changed

Lines changed: 31 additions & 25 deletions


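--- a/go.mod
+++ b/go.mod
@@ -17,7 +17,7 @@ require (
 github.com/cenkalti/backoff/v4 v4.3.0
 github.com/coreos/go-oidc/v3 v3.10.0
 github.com/docker/distribution v2.8.3+incompatible
-github.com/docker/go-connections v0.4.0
+github.com/docker/go-connections v0.5.0
 github.com/getsentry/sentry-go v0.23.0
 github.com/go-kratos/kratos/contrib/log/zap/v2 v2.0.0-20230823024326-a09f4d8ebba9
 github.com/go-kratos/kratos/v2 v2.7.0
@@ -49,7 +49,7 @@ require (
 github.com/spf13/pflag v1.0.5
 github.com/spf13/viper v1.18.2
 github.com/stretchr/testify v1.9.0
-github.com/testcontainers/testcontainers-go v0.25.0
+github.com/testcontainers/testcontainers-go v0.32.0
 go.uber.org/automaxprocs v1.5.3
 go.uber.org/zap v1.27.0
 golang.org/x/exp v0.0.0-20240325151524-a685a6edb6d8
@@ -102,7 +102,7 @@ require (
 github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal v1.0.0 // indirect
 github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect
 github.com/Masterminds/semver/v3 v3.2.1 // indirect
-github.com/Microsoft/hcsshim v0.11.4 // indirect
+github.com/Microsoft/hcsshim v0.11.5 // indirect
 github.com/OneOfOne/xxhash v1.2.8 // indirect
 github.com/agnivade/levenshtein v1.1.1 // indirect
 github.com/anchore/go-struct-converter v0.0.0-20230627203149-c72ef8859ca9 // indirect
@@ -111,11 +111,12 @@ require (
 github.com/aws/aws-sdk-go-v2/service/kms v1.30.0 // indirect
 github.com/casbin/govaluate v1.1.0 // indirect
 github.com/cockroachdb/apd/v3 v3.2.1 // indirect
+github.com/containerd/errdefs v0.1.0 // indirect
 github.com/containerd/log v0.1.0 // indirect
 github.com/cpuguy83/dockercfg v0.3.1 // indirect
 github.com/creack/pty v1.1.21 // indirect
 github.com/cyphar/filepath-securejoin v0.2.4 // indirect
-github.com/distribution/reference v0.5.0 // indirect
+github.com/distribution/reference v0.6.0 // indirect
 github.com/dustin/go-humanize v1.0.1 // indirect
 github.com/emirpasic/gods v1.18.1 // indirect
 github.com/fatih/color v1.16.0 // indirect
@@ -159,6 +160,7 @@ require (
 github.com/minio/md5-simd v1.1.2 // indirect
 github.com/minio/sha256-simd v1.0.1 // indirect
 github.com/mitchellh/go-testing-interface v1.14.1 // indirect
+github.com/moby/docker-image-spec v1.3.1 // indirect
 github.com/moby/sys/user v0.1.0 // indirect
 github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect
 github.com/oklog/run v1.1.0 // indirect
@@ -174,7 +176,7 @@ require (
 github.com/sagikazarmark/locafero v0.4.0 // indirect
 github.com/sagikazarmark/slog-shim v0.1.0 // indirect
 github.com/sergi/go-diff v1.3.1 // indirect
-github.com/shirou/gopsutil/v3 v3.23.8 // indirect
+github.com/shirou/gopsutil/v3 v3.23.12 // indirect
 github.com/shoenig/go-m1cpu v0.1.6 // indirect
 github.com/shoenig/test v0.6.6 // indirect
 github.com/skeema/knownhosts v1.2.1 // indirect
@@ -198,7 +200,6 @@ require (
 goa.design/goa v2.2.5+incompatible // indirect
 gopkg.in/go-jose/go-jose.v2 v2.6.3 // indirect
 gopkg.in/warnings.v0 v0.1.2 // indirect
-gotest.tools/v3 v3.5.1 // indirect
 )
 
 require (
@@ -210,7 +211,7 @@ require (
 github.com/Azure/azure-sdk-for-go/sdk/keyvault/azsecrets v0.12.0
 github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
 github.com/IguteChung/casbin-psql-watcher v1.0.0
-github.com/Microsoft/go-winio v0.6.1 // indirect
+github.com/Microsoft/go-winio v0.6.2 // indirect
 github.com/ProtonMail/go-crypto v0.0.0-20230923063757-afb1ddc0824c // indirect
 github.com/ThalesIgnite/crypto11 v1.2.5 // indirect
 github.com/agext/levenshtein v1.2.3 // indirect
@@ -229,15 +230,15 @@ require (
 github.com/cenkalti/backoff/v3 v3.2.2 // indirect
 github.com/cespare/xxhash/v2 v2.2.0 // indirect
 github.com/cloudflare/circl v1.3.7 // indirect
-github.com/containerd/containerd v1.7.14 // indirect
+github.com/containerd/containerd v1.7.18 // indirect
 github.com/containerd/stargz-snapshotter/estargz v0.14.3 // indirect
 github.com/cyberphone/json-canonicalization v0.0.0-20231011164504-785e29786b46 // indirect
 github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 github.com/desertbit/timer v0.0.0-20180107155436-c41aec40b27f // indirect
 github.com/digitorus/pkcs7 v0.0.0-20230818184609-3a137a874352 // indirect
 github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 // indirect
 github.com/docker/cli v24.0.7+incompatible // indirect
-github.com/docker/docker v25.0.5+incompatible // indirect
+github.com/docker/docker v27.1.1+incompatible // indirect
 github.com/docker/docker-credential-helpers v0.8.0 // indirect
 github.com/docker/go-units v0.5.0 // indirect
 github.com/emicklei/go-restful/v3 v3.11.0 // indirect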

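--- a/go.sum
+++ b/go.sum
@@ -141,10 +141,10 @@ github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0
 github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0=
 github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ=
 github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v8QkMxJ6pZY=
-github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
-github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
-github.com/Microsoft/hcsshim v0.11.4 h1:68vKo2VN8DE9AdN4tnkWnmdhqdbpUFM8OF3Airm7fz8=
-github.com/Microsoft/hcsshim v0.11.4/go.mod h1:smjE4dvqPX9Zldna+t5FG3rnoHhaB7QYxPRqGcpAD9w=
+github.com/Microsoft/go-winio v0.6.2 h1:F2VQgta7ecxGYO8k3ZZz3RS8fVIXVxONVUPlNERoyfY=
+github.com/Microsoft/go-winio v0.6.2/go.mod h1:yd8OoFMLzJbo9gZq8j5qaps8bJ9aShtEA8Ipt1oGCvU=
+github.com/Microsoft/hcsshim v0.11.5 h1:haEcLNpj9Ka1gd3B3tAEs9CpE0c+1IhoL59w/exYU38=
+github.com/Microsoft/hcsshim v0.11.5/go.mod h1:MV8xMfmECjl5HdO7U/3/hFVnkmSBjAjmA09d4bExKcU=
 github.com/OneOfOne/xxhash v1.2.2/go.mod h1:HSdplMjZKSmBqAxg5vPj2TmRDmfkzw+cTzAElWljhcU=
 github.com/OneOfOne/xxhash v1.2.8 h1:31czK/TI9sNkxIKfaUfGlU47BAxQ0ztGgd9vPyqimf8=
 github.com/OneOfOne/xxhash v1.2.8/go.mod h1:eZbhyaAYD41SGSSsnmcpxVoRiQ/MPUTjUdIIOT9Um7Q=
@@ -341,8 +341,10 @@ github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb h1:EDmT6Q9Zs+SbUo
 github.com/codahale/rfc6979 v0.0.0-20141003034818-6a90f24967eb/go.mod h1:ZjrT6AXHbDs86ZSdt/osfBi5qfexBrKUdONk989Wnk4=
 github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be h1:J5BL2kskAlV9ckgEsNQXscjIaLiOYiZ75d4e94E6dcQ=
 github.com/common-nighthawk/go-figure v0.0.0-20210622060536-734e95fb86be/go.mod h1:mk5IQ+Y0ZeO87b858TlA645sVcEcbiX6YqP98kt+7+w=
-github.com/containerd/containerd v1.7.14 h1:H/XLzbnGuenZEGK+v0RkwTdv2u1QFAruMe5N0GNPJwA=
-github.com/containerd/containerd v1.7.14/go.mod h1:YMC9Qt5yzNqXx/fO4j/5yYVIHXSRrlB3H7sxkUTvspg=
+github.com/containerd/containerd v1.7.18 h1:jqjZTQNfXGoEaZdW1WwPU0RqSn1Bm2Ay/KJPUuO8nao=
+github.com/containerd/containerd v1.7.18/go.mod h1:IYEk9/IO6wAPUz2bCMVUbsfXjzw5UNP5fLz4PsUygQ4=
+github.com/containerd/errdefs v0.1.0 h1:m0wCRBiu1WJT/Fr+iOoQHMQS/eP5myQ8lCv4Dz5ZURM=
+github.com/containerd/errdefs v0.1.0/go.mod h1:YgWiiHtLmSeBrvpw+UfPijzbLaB77mEG1WwJTDETIV0=
 github.com/containerd/log v0.1.0 h1:TCJt7ioM2cr/tfR8GPbGf9/VRAX8D2B4PjzCpfX540I=
 github.com/containerd/log v0.1.0/go.mod h1:VRRf09a7mHDIRezVKTRCrOq78v577GXq3bSa3EhrzVo=
 github.com/containerd/stargz-snapshotter/estargz v0.14.3 h1:OqlDCK3ZVUO6C3B/5FSkDwbkEETK84kQgEeFwDC+62k=
@@ -398,18 +400,18 @@ github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7 h1:lxmTCgmHE1G
 github.com/digitorus/timestamp v0.0.0-20231217203849-220c5c2851b7/go.mod h1:GvWntX9qiTlOud0WkQ6ewFm0LPy5JUR1Xo0Ngbd1w6Y=
 github.com/dimchansky/utfbom v1.1.1 h1:vV6w1AhK4VMnhBno/TPVCoK9U/LP0PkLCS9tbxHdi/U=
 github.com/dimchansky/utfbom v1.1.1/go.mod h1:SxdoEBH5qIqFocHMyGOXVAybYJdr71b1Q/j0mACtrfE=
-github.com/distribution/reference v0.5.0 h1:/FUIFXtfc/x2gpa5/VGfiGLuOIdYa1t65IKK2OFGvA0=
-github.com/distribution/reference v0.5.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
+github.com/distribution/reference v0.6.0 h1:0IXCQ5g4/QMHHkarYzh5l+u8T3t73zM5QvfrDyIgxBk=
+github.com/distribution/reference v0.6.0/go.mod h1:BbU0aIcezP1/5jX/8MP0YiH4SdvB5Y4f/wlDRiLyi3E=
 github.com/docker/cli v24.0.7+incompatible h1:wa/nIwYFW7BVTGa7SWPVyyXU9lgORqUb1xfI36MSkFg=
 github.com/docker/cli v24.0.7+incompatible/go.mod h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
 github.com/docker/distribution v2.8.3+incompatible h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
 github.com/docker/distribution v2.8.3+incompatible/go.mod h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
-github.com/docker/docker v25.0.5+incompatible h1:UmQydMduGkrD5nQde1mecF/YnSbTOaPeFIeP5C4W+DE=
-github.com/docker/docker v25.0.5+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v27.1.1+incompatible h1:hO/M4MtV36kzKldqnA37IWhebRA+LnqqcqDja6kVaKY=
+github.com/docker/docker v27.1.1+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/docker-credential-helpers v0.8.0 h1:YQFtbBQb4VrpoPxhFuzEBPQ9E16qz5SpHLS+uswaCp8=
 github.com/docker/docker-credential-helpers v0.8.0/go.mod h1:UGFXcuoQ5TxPiB54nHOZ32AWRqQdECoh/Mg0AlEYb40=
-github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
-github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
+github.com/docker/go-connections v0.5.0 h1:USnMq7hx7gwdVZq1L49hLXaFtUdTADjXGp+uj1Br63c=
+github.com/docker/go-connections v0.5.0/go.mod h1:ov60Kzw0kKElRwhNs9UlUHAE/F9Fe6GLaXnqyDdmEXc=
 github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=
 github.com/docker/go-units v0.5.0/go.mod h1:fgPhTUdO+D/Jk86RDLlptpiXQzgHJF7gydDDbaIK4Dk=
 github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
@@ -1055,6 +1057,8 @@ github.com/mitchellh/mapstructure v1.4.1/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RR
 github.com/mitchellh/mapstructure v1.4.3/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
+github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3Nl2EsFP0=
+github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
 github.com/moby/moby v24.0.9+incompatible h1:Z/hFbZJqC5Fmuf6jesMLdHU71CMAgdiSJ1ZYey+bFmg=
 github.com/moby/moby v24.0.9+incompatible/go.mod h1:fDXVQ6+S340veQPv35CzDahGBmHsiclFwfEygB/TWMc=
 github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
@@ -1278,8 +1282,8 @@ github.com/sergi/go-diff v1.3.1 h1:xkr+Oxo4BOQKmkn/B9eMK0g5Kg/983T9DqqPHwYqD+8=
 github.com/sergi/go-diff v1.3.1/go.mod h1:aMJSSKb2lpPvRNec0+w3fl7LP9IOFzdc9Pa4NFbPK1I=
 github.com/shibumi/go-pathspec v1.3.0 h1:QUyMZhFo0Md5B8zV8x2tesohbb5kfbpTi9rBnKh5dkI=
 github.com/shibumi/go-pathspec v1.3.0/go.mod h1:Xutfslp817l2I1cZvgcfeMQJG5QnU2lh5tVaaMCl3jE=
-github.com/shirou/gopsutil/v3 v3.23.8 h1:xnATPiybo6GgdRoC4YoGnxXZFRc3dqQTGi73oLvvBrE=
-github.com/shirou/gopsutil/v3 v3.23.8/go.mod h1:7hmCaBn+2ZwaZOr6jmPBZDfawwMGuo1id3C6aM8EDqQ=
+github.com/shirou/gopsutil/v3 v3.23.12 h1:z90NtUkp3bMtmICZKpC4+WaknU1eXtp5vtbQ11DgpE4=
+github.com/shirou/gopsutil/v3 v3.23.12/go.mod h1:1FrWgea594Jp7qmjHUUPlJDTPgcsb9mGnXDxavtikzM=
 github.com/shoenig/go-m1cpu v0.1.6 h1:nxdKQNcEB6vzgA2E2bvzKIYRuNj7XNJ4S/aRSwKzFtM=
 github.com/shoenig/go-m1cpu v0.1.6/go.mod h1:1JJMcUBvfNwpq05QDQVAnx3gUHr9IYF7GNg9SUEw2VQ=
 github.com/shoenig/test v0.6.4/go.mod h1:byHiCGXqrVaflBLAMq/srcZIHynQPQgeyvkvXnjqq0k=
@@ -1394,8 +1398,8 @@ github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d h1:vfofYNRScrDd
 github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d/go.mod h1:RRCYJbIwD5jmqPI9XoAFR0OcDxqUctll6zUj/+B4S48=
 github.com/tchap/go-patricia/v2 v2.3.1 h1:6rQp39lgIYZ+MHmdEq4xzuk1t7OdC35z/xm0BGhTkes=
 github.com/tchap/go-patricia/v2 v2.3.1/go.mod h1:VZRHKAb53DLaG+nA9EaYYiaEx6YztwDlLElMsnSHD4k=
-github.com/testcontainers/testcontainers-go v0.25.0 h1:erH6cQjsaJrH+rJDU9qIf89KFdhK0Bft0aEZHlYC3Vs=
-github.com/testcontainers/testcontainers-go v0.25.0/go.mod h1:4sC9SiJyzD1XFi59q8umTQYWxnkweEc5OjVtTUlJzqQ=
+github.com/testcontainers/testcontainers-go v0.32.0 h1:ug1aK08L3gCHdhknlTTwWjPHPS+/alvLJU/DRxTD/ME=
+github.com/testcontainers/testcontainers-go v0.32.0/go.mod h1:CRHrzHLQhlXUsa5gXjTOfqIEJcrK5+xMDmBr/WMI88E=
 github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg=
 github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU=
 github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI=
@@ -1798,6 +1802,7 @@ golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
 golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=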
