github/containerd
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases 2 Wiki Activity
13,842 Commits 3 Branches 2 Tags 112 MiB
b6ffa2794e
Commit Graph

125 Commits

Author SHA1 Message Date
Derek McGowan
17294e5816
Merge pull request #10047 from containerd/dependabot/go_modules/golang-x-5cf8641f85 
build(deps): bump the golang-x group with 3 updates
 2024-04-22 16:18:12 +00:00
Kirtana Ashok
a6a82c1023 Update hcsshim to v0.12.3 
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
 2024-04-19 15:26:47 -07:00
dependabot[bot]
77512e2d79
build(deps): bump the golang-x group with 3 updates 
Bumps the golang-x group with 3 updates: [golang.org/x/mod](https://github.com/golang/mod), [golang.org/x/sync](https://github.com/golang/sync) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/mod` from 0.16.0 to 0.17.0
- [Commits](https://github.com/golang/mod/compare/v0.16.0...v0.17.0)

Updates `golang.org/x/sync` from 0.6.0 to 0.7.0
- [Commits](https://github.com/golang/sync/compare/v0.6.0...v0.7.0)

Updates `golang.org/x/sys` from 0.18.0 to 0.19.0
- [Commits](https://github.com/golang/sys/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-15 23:41:36 +00:00
dependabot[bot]
1040c7b98e
build(deps): bump the otel group with 8 updates 
Bumps the otel group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.49.0` | `0.50.0` |
| [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.49.0` | `0.50.0` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.24.0` | `1.25.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) | `1.24.0` | `1.25.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.24.0` | `1.25.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) | `1.24.0` | `1.25.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.24.0` | `1.25.0` |
| [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) | `1.24.0` | `1.25.0` |


Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.49.0 to 0.50.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.49.0...zpages/v0.50.0)

Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.49.0 to 0.50.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.49.0...zpages/v0.50.0)

Updates `go.opentelemetry.io/otel` from 1.24.0 to 1.25.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.24.0 to 1.25.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.24.0 to 1.25.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` from 1.24.0 to 1.25.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.24.0 to 1.25.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

Updates `go.opentelemetry.io/otel/trace` from 1.24.0 to 1.25.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-11 18:13:08 +00:00
dependabot[bot]
30813f6463
build(deps): bump github.com/containernetworking/plugins 
Bumps [github.com/containernetworking/plugins](https://github.com/containernetworking/plugins) from 1.4.0 to 1.4.1.
- [Release notes](https://github.com/containernetworking/plugins/releases)
- [Commits](https://github.com/containernetworking/plugins/compare/v1.4.0...v1.4.1)

---
updated-dependencies:
- dependency-name: github.com/containernetworking/plugins
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-18 23:08:13 +00:00
dependabot[bot]
228aa42a60
build(deps): bump the otel group with 8 updates 
Bumps the otel group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.48.0` | `0.49.0` |
| [go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp](https://github.com/open-telemetry/opentelemetry-go-contrib) | `0.48.0` | `0.49.0` |
| [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) | `1.23.1` | `1.24.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace](https://github.com/open-telemetry/opentelemetry-go) | `1.23.1` | `1.24.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc](https://github.com/open-telemetry/opentelemetry-go) | `1.23.1` | `1.24.0` |
| [go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp](https://github.com/open-telemetry/opentelemetry-go) | `1.23.1` | `1.24.0` |
| [go.opentelemetry.io/otel/sdk](https://github.com/open-telemetry/opentelemetry-go) | `1.23.1` | `1.24.0` |
| [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) | `1.23.1` | `1.24.0` |


Updates `go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc` from 0.48.0 to 0.49.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.48.0...zpages/v0.49.0)

Updates `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` from 0.48.0 to 0.49.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go-contrib/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go-contrib/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go-contrib/compare/zpages/v0.48.0...zpages/v0.49.0)

Updates `go.opentelemetry.io/otel` from 1.23.1 to 1.24.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace` from 1.23.1 to 1.24.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc` from 1.23.1 to 1.24.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

Updates `go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp` from 1.23.1 to 1.24.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

Updates `go.opentelemetry.io/otel/sdk` from 1.23.1 to 1.24.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

Updates `go.opentelemetry.io/otel/trace` from 1.23.1 to 1.24.0
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: otel
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-08 15:21:15 +00:00
dependabot[bot]
00d714e90a
build(deps): bump the golang-x group with 2 updates 
Bumps the golang-x group with 2 updates: [golang.org/x/mod](https://github.com/golang/mod) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/mod` from 0.15.0 to 0.16.0
- [Commits](https://github.com/golang/mod/compare/v0.15.0...v0.16.0)

Updates `golang.org/x/sys` from 0.17.0 to 0.18.0
- [Commits](https://github.com/golang/sys/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/mod
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-03-04 23:46:03 +00:00
Abel Feng
522130a667 sandbox: support vsock connection to task api 
Signed-off-by: Abel Feng <fshb1988@gmail.com>
 2024-02-22 01:36:38 +00:00
Danny Canter
6a21c96b55 Replace go-grpc-prometheus with go-grpc-middleware/providers/prometheus 
Fixes #9806

go-grpc-prometheus is deprecated. The new location it was moved to also introduced
an entirely new api, but afaict this matches what we have at the moment.

Signed-off-by: Danny Canter <danny@dcantah.dev>
 2024-02-20 02:01:57 -08:00
Mike Brown
dd725fae25
Merge pull request #9378 from kiashok/updateCriApi 
Update cri-api to v0.29.1
 2024-02-13 16:01:10 +00:00
Alexandru Matei
c2dfae8d05 go.mod: Bump golang.org/x/sys to v0.17.0 
Replace internal LOOP_CONFIGURE ioctl implementation with
IoctlLoopConfigure from sys

Signed-off-by: Alexandru Matei <alexandru.matei@uipath.com>
 2024-02-12 15:55:33 +02:00
kiashok
25ab902198 Update to v0.29.1 cri-api 
Signed-off-by: kiashok <kiashok@microsoft.com>
 2024-02-09 19:27:42 -08:00
dependabot[bot]
dfb1753800
build(deps): bump the golang-x group with 2 updates 
Bumps the golang-x group with 2 updates: [golang.org/x/sync](https://github.com/golang/sync) and [golang.org/x/sys](https://github.com/golang/sys).


Updates `golang.org/x/sync` from 0.5.0 to 0.6.0
- [Commits](https://github.com/golang/sync/compare/v0.5.0...v0.6.0)

Updates `golang.org/x/sys` from 0.15.0 to 0.16.0
- [Commits](https://github.com/golang/sys/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: golang-x
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-08 23:48:26 +00:00
Sebastiaan van Stijn
fa83bc8de5
integration: remove use of golang.org/x/sys/execabs 
This dependency was removed in 2af6db672e, but
was re-introduced in commit 2fab240f21.

Now that golang.org/x/tools also stopped using this dependency, removing
this use will remove the package from our dependency tree.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2024-01-05 10:05:37 +01:00
dependabot[bot]
5387747e92
build(deps): bump github.com/containerd/cgroups/v3 from 3.0.2 to 3.0.3 
Bumps [github.com/containerd/cgroups/v3](https://github.com/containerd/cgroups) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/containerd/cgroups/releases)
- [Commits](https://github.com/containerd/cgroups/compare/v3.0.2...v3.0.3)

---
updated-dependencies:
- dependency-name: github.com/containerd/cgroups/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-29 11:45:53 +00:00
Bryant Biggs
78421616e0 deps: Update otelgrpc 
Signed-off-by: Bryant Biggs <bryantbiggs@gmail.com>
 2023-12-28 09:47:05 -05:00
dependabot[bot]
1f9151af60
build(deps): bump google.golang.org/grpc from 1.58.3 to 1.60.1 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.58.3 to 1.60.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.58.3...v1.60.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-18 23:59:35 +00:00
dependabot[bot]
db43e3d1f7
build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.4.0 to 0.5.0.
- [Commits](https://github.com/golang/sync/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sync
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-13 00:24:20 +00:00
Kohei Tokunaga
9937909693
go.mod: Bump up github.com/containernetworking/plugins to v1.4.0 
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com>
 2023-12-06 10:29:44 +09:00
Derek McGowan
638b474c81
Temporarily remove imgcrypt in CRI to fix circular dependency 
Signed-off-by: Derek McGowan <derek@mcg.dev>
 2023-10-27 15:36:47 -07:00
Aditi Sharma
03d81f595f Use cri streaming pkg from k8s staging 
Use staging k8s.io/kubelet/cri/streaming package

Signed-off-by: Aditi Sharma <adi.sky17@gmail.com>
 2023-10-18 09:14:28 +05:30
Sebastiaan van Stijn
f7c9e99422
vendor: golang.org/x/net v0.17.0 
full diff: https://github.com/golang/text/compare/v0.13.0...v0.17.0

This fixes the same CVE as go1.21.3 and go1.20.10;

- net/http: rapid stream resets can cause excessive work

  A malicious HTTP/2 client which rapidly creates requests and
  immediately resets them can cause excessive server resource consumption.
  While the total number of requests is bounded to the
  http2.Server.MaxConcurrentStreams setting, resetting an in-progress
  request allows the attacker to create a new request while the existing
  one is still executing.

  HTTP/2 servers now bound the number of simultaneously executing
  handler goroutines to the stream concurrency limit. New requests
  arriving when at the limit (which can only happen after the client
  has reset an existing, in-flight request) will be queued until a
  handler exits. If the request queue grows too large, the server
  will terminate the connection.

  This issue is also fixed in golang.org/x/net/http2 v0.17.0,
  for users manually configuring HTTP/2.

  The default stream concurrency limit is 250 streams (requests)
  per HTTP/2 connection. This value may be adjusted using the
  golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
  setting and the ConfigureServer function.

  This is CVE-2023-39325 and Go issue https://go.dev/issue/63417.
  This is also tracked by CVE-2023-44487.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:50:24 +02:00
Sebastiaan van Stijn
c3652540c7
vendor: golang.org/x/text v0.13.0 
full diff: https://github.com/golang/text/compare/v0.11.0...v0.13.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:48:18 +02:00
Sebastiaan van Stijn
ff602c2133
vendor: golang.org/x/sys v0.13.0 
full diff: https://github.com/golang/sys/compare/v0.10.0...v0.13.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2023-10-16 21:47:15 +02:00
Kern Walster
42dc8faba8 Bump x/net to 0.13 
This silences govulncheck detecting
https://pkg.go.dev/vuln/GO-2023-1988.

containerd does not directly use x/net

Signed-off-by: Kern Walster <walster@amazon.com>
 2023-10-03 04:41:35 +00:00
Jordan Liggitt
55b2df560f
go.mod: github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.2 
Signed-off-by: Jordan Liggitt <liggitt@google.com>
 2023-09-07 16:53:10 -04:00
Kirtana Ashok
e7e5619fed Update hcsshim tag to v0.10.0 
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
 2023-08-09 11:55:54 -07:00
Akihiro Suda
bc96b9039a
go.mod: github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20230306123547-8075edf89bb0 
5330a85ea6...8075edf89b

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:08:01 +09:00
Akihiro Suda
4bda0a69e2
go.mod: github.com/grpc-ecosystem/go-grpc-middleware v1.4.0 
https://github.com/grpc-ecosystem/go-grpc-middleware/compare/v1.3.0...v1.4.0

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-07-23 03:07:59 +09:00
Kirtana Ashok
56d80f81a2 Update hcsshim tag to v0.10.0-rc.9 
Signed-off-by: Kirtana Ashok <kiashok@microsoft.com>
 2023-07-17 10:28:47 -07:00
Brian Goff
104b9ef9eb Update x/sys to 0.8.0 
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
 2023-06-03 16:14:38 +00:00
Rodrigo Campos
85afda6f52 cri: Vendor v0.27.0-beta.0 for mounts uid/gid mappings 
We will use this in future commits to see if the kubelet requested idmap
mounts for volumes, that we don't yet support.

Signed-off-by: Rodrigo Campos <rodrigoca@microsoft.com>
 2023-04-11 17:31:27 +02:00
Gabriel Adrian Samfira
db32798592 Update continuity, go-winio and hcsshim 
Update dependencies and remove the local bindfilter files. Those have
been moved to go-winio.

Signed-off-by: Gabriel Adrian Samfira <gsamfira@cloudbasesolutions.com>
 2023-03-31 06:16:52 -07:00
Akihiro Suda
6d95132313
go.mod: github.com/containerd/cgroups/v3 v3.0.1 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-03-07 22:06:38 +09:00
Luca Comellini
8145b15f08
Bump k8s.io deps 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2023-03-01 21:37:21 -08:00
Akihiro Suda
52f82acb7b
btrfs: depend on kernel UAPI instead of libbtrfs 
See containerd/btrfs PR 40 and moby/moby PR 44761. (Thanks to [@]neersighted.)

The containerd/btrfs library now requires headers from kernel 4.12 or newer:
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs.h
- https://github.com/torvalds/linux/blob/master/include/uapi/linux/btrfs_tree.h

These files are licensed under the GPL-2.0 WITH Linux-syscall-note, so it should be compatible with the Apache License 2.0.
https://spdx.org/licenses/Linux-syscall-note.html

The dependency on the kernel headers only affects users building from source.
Users on older kernels may opt to not compile this library (`BUILDTAGS=no_btfs`),
or to provide headers from a newer kernel.

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-02-10 10:07:34 +09:00
Aditi
7ec75b1207 Update CNI to 1.2.0 
Signed-off-by: Aditi <sharmaad@vmware.com>
 2023-01-30 10:25:37 +00:00
Akihiro Suda
5082fb3958
go.mod: go.opentelemetry.io/otel v1.12.0 
Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2023-01-30 08:40:46 +09:00
Sebastiaan van Stijn
662d8a085e
vendor: golang.org/x/net v0.4.0 
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed
in stdlib in go1.19.4 and go1.18.9;

> net/http: limit canonical header cache by bytes, not entries
>
> An attacker can cause excessive memory growth in a Go server accepting
> HTTP/2 requests.
>
> HTTP/2 server connections contain a cache of HTTP header keys sent by
> the client. While the total number of entries in this cache is capped,
> an attacker sending very large keys can cause the server to allocate
> approximately 64 MiB per open connection.
>
> This issue is also fixed in golang.org/x/net/http2 v0.4.0,
> for users manually configuring HTTP/2.

full diff: https://github.com/golang/net/compare/c63010009c80...v0.4.0

other dependency updates (due to (circular) dependencies between them):

- golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/v0.2.0...v0.3.0
- golang.org/x/term v0.3.0: https://github.com/golang/term/compare/v0.1.0...v0.3.0
- golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.4.0...v0.5.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-12-07 22:20:44 +01:00
Krisztian Litkey
43704ca888 nri: add experimental NRI plugin. 
Add a common NRI 'service' plugin. It takes care of relaying
requests and respones to and from NRI (external NRI plugins)
and the high-level containerd namespace-independent logic of
applying NRI container adjustments and updates to actual CRI
and other containers.

The namespace-dependent details of the necessary container
manipulation operations are to be implemented by namespace-
specific adaptations. This NRI plugin defines the API which
such adaptations need to implement.

Signed-off-by: Krisztian Litkey <krisztian.litkey@intel.com>
 2022-11-28 21:51:06 +02:00
AdamKorcz
ed3a49c0e6 fix for OSS-Fuzz infra changes 
Signed-off-by: AdamKorcz <adam@adalogics.com>
 2022-11-22 10:18:28 +00:00
Sebastiaan van Stijn
df4d07352d
go.mod: golang.org/x/sys v0.2.0 
full diff: https://github.com/golang/sys/compare/v0.1.0...v0.2.0

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-11-20 21:58:02 +01:00
ruiwen-zhao
792294ce06 Update to cri-api v0.26.0-beta.0 
Signed-off-by: ruiwen-zhao <ruiwen@google.com>
 2022-11-18 21:13:34 +00:00
Luca Comellini
b829e6f2d3
Bump OpenTelemetry to v1.11.1 
Signed-off-by: Luca Comellini <luca.com@gmail.com>
 2022-11-10 22:15:10 -08:00
Akihiro Suda
30c3078ae4
go.mod: golang.org/x/*: use tagged versions 
golang.org/x/oauth2 is not updated due to its complex dependencies

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 2022-11-03 10:18:31 +09:00
Daniel Canter
acb2964d65 go.mod: Bump go-winio to v0.6.0 
Some minor improvements, but biggest for here is ErrPipeListenerClosed
is no longer an errors.New where the string matches the text of the now
exported net.ErrClosed in the stdlib, but is just assigned to net.ErrClosed
directly. This should allow us to get rid of the string check for "use of closed
network connection" here now..

Signed-off-by: Daniel Canter <dcanter@microsoft.com>
 2022-09-28 10:30:38 -07:00
Kazuyoshi Kato
f0fbc8dfdc Upgrade fuzzing-related packages to reduce dependencies 
github.com/AdaLogics/go-fuzz-headers and
github.com/AdamKorcz/go-118-fuzz-build have less dependencies in
the last versions.

Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>
 2022-09-15 23:25:03 +00:00
Sebastiaan van Stijn
0f743ce4ff
vendor: golang.org/x/net v0.0.0-20220906165146-f3363e06e74c 
Update to the latest version that contains a fix for CVE-2022-27664;
f3363e06e7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
 2022-09-06 22:46:21 +02:00
Tobias Klauser
0c6553bfda
go.mod, vendor: bump golang.org/x/sys to latest version 
Signed-off-by: Tobias Klauser <tklauser@distanz.ch>
 2022-08-30 10:38:20 +02:00
zounengren
49e2fe2abb bump cri-api 
Signed-off-by: zounengren <zouyee1989@gmail.com>
 2022-08-25 21:03:55 +08:00