Switch to github.com/golang/dep for vendoring

Signed-off-by: Mrunal Patel <mrunalp@gmail.com>

vendor/github.com/opencontainers/go-digest/README.md

@@ -88,16 +88,16 @@ the alternatives you tried before submitting a PR.
 
 # Reporting security issues
 
-The maintainers take security seriously. If you discover a security 
-issue, please bring it to their attention right away!
+Please DO NOT file a public issue, instead send your report privately to
+security@opencontainers.org.
 
-Please DO NOT file a public issue, instead send your report privately
-to security@docker.com.
+The maintainers take security seriously. If you discover a security issue,
+please bring it to their attention right away!
 
-Security reports are greatly appreciated and we will publicly thank you 
-for it. We also like to send gifts—if you're into Docker schwag, make 
-sure to let us know. We currently do not offer a paid security bounty 
-program, but are not ruling it out in the future.
+If you are reporting a security issue, do not create an issue or file a pull
+request on GitHub. Instead, disclose the issue responsibly by sending an email
+to security@opencontainers.org (which is inhabited only by the maintainers of
+the various OCI projects).
 
 # Copyright and license
 

vendor/github.com/opencontainers/go-digest/algorithm.go

@@ -1,3 +1,17 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 package digest
 
 import (

vendor/github.com/opencontainers/go-digest/algorithm_test.go

@@ -0,0 +1,114 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package digest
+
+import (
+	"bytes"
+	"crypto/rand"
+	_ "crypto/sha256"
+	_ "crypto/sha512"
+	"flag"
+	"fmt"
+	"strings"
+	"testing"
+)
+
+func TestFlagInterface(t *testing.T) {
+	var (
+		alg     Algorithm
+		flagSet flag.FlagSet
+	)
+
+	flagSet.Var(&alg, "algorithm", "set the digest algorithm")
+	for _, testcase := range []struct {
+		Name     string
+		Args     []string
+		Err      error
+		Expected Algorithm
+	}{
+		{
+			Name: "Invalid",
+			Args: []string{"-algorithm", "bean"},
+			Err:  ErrDigestUnsupported,
+		},
+		{
+			Name:     "Default",
+			Args:     []string{"unrelated"},
+			Expected: "sha256",
+		},
+		{
+			Name:     "Other",
+			Args:     []string{"-algorithm", "sha512"},
+			Expected: "sha512",
+		},
+	} {
+		t.Run(testcase.Name, func(t *testing.T) {
+			alg = Canonical
+			if err := flagSet.Parse(testcase.Args); err != testcase.Err {
+				if testcase.Err == nil {
+					t.Fatal("unexpected error", err)
+				}
+
+				// check that flag package returns correct error
+				if !strings.Contains(err.Error(), testcase.Err.Error()) {
+					t.Fatalf("unexpected error: %v != %v", err, testcase.Err)
+				}
+				return
+			}
+
+			if alg != testcase.Expected {
+				t.Fatalf("unexpected algorithm: %v != %v", alg, testcase.Expected)
+			}
+		})
+	}
+}
+
+func TestFroms(t *testing.T) {
+	p := make([]byte, 1<<20)
+	rand.Read(p)
+
+	for alg := range algorithms {
+		h := alg.Hash()
+		h.Write(p)
+		expected := Digest(fmt.Sprintf("%s:%x", alg, h.Sum(nil)))
+		readerDgst, err := alg.FromReader(bytes.NewReader(p))
+		if err != nil {
+			t.Fatalf("error calculating hash from reader: %v", err)
+		}
+
+		dgsts := []Digest{
+			alg.FromBytes(p),
+			alg.FromString(string(p)),
+			readerDgst,
+		}
+
+		if alg == Canonical {
+			readerDgst, err := FromReader(bytes.NewReader(p))
+			if err != nil {
+				t.Fatalf("error calculating hash from reader: %v", err)
+			}
+
+			dgsts = append(dgsts,
+				FromBytes(p),
+				FromString(string(p)),
+				readerDgst)
+		}
+		for _, dgst := range dgsts {
+			if dgst != expected {
+				t.Fatalf("unexpected digest %v != %v", dgst, expected)
+			}
+		}
+	}
+}

vendor/github.com/opencontainers/go-digest/digest.go

@@ -1,3 +1,17 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 package digest
 
 import (

vendor/github.com/opencontainers/go-digest/digest_test.go

@@ -0,0 +1,106 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package digest
+
+import (
+	"testing"
+)
+
+func TestParseDigest(t *testing.T) {
+	for _, testcase := range []struct {
+		input     string
+		err       error
+		algorithm Algorithm
+		hex       string
+	}{
+		{
+			input:     "sha256:e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b",
+			algorithm: "sha256",
+			hex:       "e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b",
+		},
+		{
+			input:     "sha384:d3fc7881460b7e22e3d172954463dddd7866d17597e7248453c48b3e9d26d9596bf9c4a9cf8072c9d5bad76e19af801d",
+			algorithm: "sha384",
+			hex:       "d3fc7881460b7e22e3d172954463dddd7866d17597e7248453c48b3e9d26d9596bf9c4a9cf8072c9d5bad76e19af801d",
+		},
+		{
+			// empty hex
+			input: "sha256:",
+			err:   ErrDigestInvalidFormat,
+		},
+		{
+			// empty hex
+			input: ":",
+			err:   ErrDigestInvalidFormat,
+		},
+		{
+			// just hex
+			input: "d41d8cd98f00b204e9800998ecf8427e",
+			err:   ErrDigestInvalidFormat,
+		},
+		{
+			// not hex
+			input: "sha256:d41d8cd98f00b204e9800m98ecf8427e",
+			err:   ErrDigestInvalidFormat,
+		},
+		{
+			// too short
+			input: "sha256:abcdef0123456789",
+			err:   ErrDigestInvalidLength,
+		},
+		{
+			// too short (from different algorithm)
+			input: "sha512:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789",
+			err:   ErrDigestInvalidLength,
+		},
+		{
+			input: "foo:d41d8cd98f00b204e9800998ecf8427e",
+			err:   ErrDigestUnsupported,
+		},
+	} {
+		digest, err := Parse(testcase.input)
+		if err != testcase.err {
+			t.Fatalf("error differed from expected while parsing %q: %v != %v", testcase.input, err, testcase.err)
+		}
+
+		if testcase.err != nil {
+			continue
+		}
+
+		if digest.Algorithm() != testcase.algorithm {
+			t.Fatalf("incorrect algorithm for parsed digest: %q != %q", digest.Algorithm(), testcase.algorithm)
+		}
+
+		if digest.Hex() != testcase.hex {
+			t.Fatalf("incorrect hex for parsed digest: %q != %q", digest.Hex(), testcase.hex)
+		}
+
+		// Parse string return value and check equality
+		newParsed, err := Parse(digest.String())
+
+		if err != nil {
+			t.Fatalf("unexpected error parsing input %q: %v", testcase.input, err)
+		}
+
+		if newParsed != digest {
+			t.Fatalf("expected equal: %q != %q", newParsed, digest)
+		}
+
+		newFromHex := NewDigestFromHex(newParsed.Algorithm().String(), newParsed.Hex())
+		if newFromHex != digest {
+			t.Fatalf("%v != %v", newFromHex, digest)
+		}
+	}
+}

vendor/github.com/opencontainers/go-digest/digester.go

@@ -1,3 +1,17 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 package digest
 
 import "hash"

vendor/github.com/opencontainers/go-digest/doc.go

@@ -1,3 +1,17 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 // Package digest provides a generalized type to opaquely represent message
 // digests and their operations within the registry. The Digest type is
 // designed to serve as a flexible identifier in a content-addressable system.

vendor/github.com/opencontainers/go-digest/verifiers.go

@@ -1,3 +1,17 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
 package digest
 
 import (

vendor/github.com/opencontainers/go-digest/verifiers_test.go

@@ -0,0 +1,80 @@
+// Copyright 2017 Docker, Inc.
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     https://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+
+package digest
+
+import (
+	"bytes"
+	"crypto/rand"
+	"io"
+	"reflect"
+	"testing"
+)
+
+func TestDigestVerifier(t *testing.T) {
+	p := make([]byte, 1<<20)
+	rand.Read(p)
+	digest := FromBytes(p)
+
+	verifier := digest.Verifier()
+
+	io.Copy(verifier, bytes.NewReader(p))
+
+	if !verifier.Verified() {
+		t.Fatalf("bytes not verified")
+	}
+}
+
+// TestVerifierUnsupportedDigest ensures that unsupported digest validation is
+// flowing through verifier creation.
+func TestVerifierUnsupportedDigest(t *testing.T) {
+	for _, testcase := range []struct {
+		Name     string
+		Digest   Digest
+		Expected interface{} // expected panic target
+	}{
+		{
+			Name:     "Empty",
+			Digest:   "",
+			Expected: "no ':' separator in digest \"\"",
+		},
+		{
+			Name:     "EmptyAlg",
+			Digest:   ":",
+			Expected: "empty digest algorithm, validate before calling Algorithm.Hash()",
+		},
+		{
+			Name:     "Unsupported",
+			Digest:   Digest("bean:0123456789abcdef"),
+			Expected: "bean not available (make sure it is imported)",
+		},
+		{
+			Name:     "Garbage",
+			Digest:   Digest("sha256-garbage:pure"),
+			Expected: "sha256-garbage not available (make sure it is imported)",
+		},
+	} {
+		t.Run(testcase.Name, func(t *testing.T) {
+			expected := testcase.Expected
+			defer func() {
+				recovered := recover()
+				if !reflect.DeepEqual(recovered, expected) {
+					t.Fatalf("unexpected recover: %v != %v", recovered, expected)
+				}
+			}()
+
+			_ = testcase.Digest.Verifier()
+		})
+	}
+}