Bump docker/distribution to 2.8.2

k/k doesn't use much code from docker/distribution so this doesn't change anything that's actually relevant, but 2.8.1 is identified as affected by CVE-2022-28391 and CVE-2023-2253; bumping to 2.8.2 avoids k/k triggering scanners on those CVEs. Signed-off-by: Stephen Kitt <skitt@redhat.com>
2023-05-16 09:17:51 +02:00
parent 70033bf843
commit 3680a5230c
6 changed files with 9 additions and 8 deletions
--- a/vendor/github.com/docker/distribution/reference/reference.go
+++ b/vendor/github.com/docker/distribution/reference/reference.go
@@ -3,13 +3,13 @@
 //
 // Grammar
 //
-// 	reference                       := name [ ":" tag ] [ "@" digest ]
+//	reference                       := name [ ":" tag ] [ "@" digest ]
 //	name                            := [domain '/'] path-component ['/' path-component]*
 //	domain                          := domain-component ['.' domain-component]* [':' port-number]
 //	domain-component                := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/
 //	port-number                     := /[0-9]+/
 //	path-component                  := alpha-numeric [separator alpha-numeric]*
-// 	alpha-numeric                   := /[a-z0-9]+/
+//	alpha-numeric                   := /[a-z0-9]+/
 //	separator                       := /[_.]|__|[-]*/
 //
 //	tag                             := /[\w][\w.-]{0,127}/