Merge pull request #3226 from thaJeztah/bump_go_digest

vendor: opencontainers/go-digest v1.0.0
This commit is contained in:
Manish Tomar 2020-08-24 10:50:21 -07:00 committed by GitHub
commit fe1ffa86bc
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
15 changed files with 87 additions and 65 deletions

2
go.mod
View file

@ -28,7 +28,7 @@ require (
github.com/mitchellh/mapstructure v1.1.2 github.com/mitchellh/mapstructure v1.1.2
github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f // indirect github.com/mitchellh/osext v0.0.0-20151018003038-5e2d6d41470f // indirect
github.com/ncw/swift v1.0.47 github.com/ncw/swift v1.0.47
github.com/opencontainers/go-digest v1.0.0-rc1 github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/image-spec v1.0.1 github.com/opencontainers/image-spec v1.0.1
github.com/satori/go.uuid v1.2.0 // indirect github.com/satori/go.uuid v1.2.0 // indirect
github.com/sirupsen/logrus v1.4.2 github.com/sirupsen/logrus v1.4.2

4
go.sum
View file

@ -89,8 +89,8 @@ github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3Rllmb
github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U= github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
github.com/ncw/swift v1.0.47 h1:4DQRPj35Y41WogBxyhOXlrI37nzGlyEcsforeudyYPQ= github.com/ncw/swift v1.0.47 h1:4DQRPj35Y41WogBxyhOXlrI37nzGlyEcsforeudyYPQ=
github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM= github.com/ncw/swift v1.0.47/go.mod h1:23YIA4yWVnGwv2dQlN4bB7egfYX6YLn0Yo/S6zZO/ZM=
github.com/opencontainers/go-digest v1.0.0-rc1 h1:WzifXhOVOEOuFYOJAW6aQqW0TooG2iki3E3Ii+WN7gQ= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U=
github.com/opencontainers/go-digest v1.0.0-rc1/go.mod h1:cMLVZDEM3+U2I4VmLI6N8jQYUd2OVphdqWwCJHrFt2s= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI= github.com/opencontainers/image-spec v1.0.1 h1:JMemWkRwHx4Zj+fVxWoMCFm/8sYGGrUVojFA6h/TRcI=
github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= github.com/opencontainers/image-spec v1.0.1/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0=
github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=

View file

@ -1 +1,4 @@
Aaron Lehmann <aaronl@vitelus.com> <aaron.lehmann@docker.com>
Derek McGowan <derek@mcg.dev> <derek@mcgstyle.net>
Stephen J Day <stephen.day@docker.com> <stevvooe@users.noreply.github.com> Stephen J Day <stephen.day@docker.com> <stevvooe@users.noreply.github.com>
Haibing Zhou <zhouhaibing089@gmail.com>

View file

@ -1,12 +1,28 @@
approve_by_comment: true version: 2
approve_regex: '^(Approved|lgtm|LGTM|:shipit:|:star:|:\+1:|:ship:)'
reject_regex: ^Rejected requirements:
reset_on_push: true
author_approval: ignored
signed_off_by: signed_off_by:
required: true required: true
reviewers:
always_pending:
title_regex: '^WIP'
explanation: 'Work in progress...'
group_defaults:
required: 2
approve_by_comment:
enabled: true
approve_regex: '^LGTM'
reject_regex: '^Rejected'
reset_on_push:
enabled: true
author_approval:
ignored: true
conditions:
branches:
- master
groups:
go-digest:
teams: teams:
- go-digest-maintainers - go-digest-maintainers
name: default
required: 2

View file

@ -1,4 +1,5 @@
language: go language: go
go: go:
- 1.7 - 1.12.x
- 1.13.x
- master - master

View file

@ -176,6 +176,7 @@
END OF TERMS AND CONDITIONS END OF TERMS AND CONDITIONS
Copyright 2019, 2020 OCI Contributors
Copyright 2016 Docker, Inc. Copyright 2016 Docker, Inc.
Licensed under the Apache License, Version 2.0 (the "License"); Licensed under the Apache License, Version 2.0 (the "License");

View file

@ -1,9 +1,5 @@
Aaron Lehmann <aaron.lehmann@docker.com> (@aaronlehmann)
Brandon Philips <brandon.philips@coreos.com> (@philips)
Brendan Burns <bburns@microsoft.com> (@brendandburns)
Derek McGowan <derek@mcgstyle.net> (@dmcgowan) Derek McGowan <derek@mcgstyle.net> (@dmcgowan)
Jason Bouzane <jbouzane@google.com> (@jbouzane) Stephen Day <stevvooe@gmail.com> (@stevvooe)
John Starks <jostarks@microsoft.com> (@jstarks) Vincent Batts <vbatts@hashbangbash.com> (@vbatts)
Jonathan Boulle <jon.boulle@coreos.com> (@jonboulle) Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> (@AkihiroSuda)
Stephen Day <stephen.day@docker.com> (@stevvooe) Sebastiaan van Stijn <github@gone.nl> (@thaJeztah)
Vincent Batts <vbatts@redhat.com> (@vbatts)

View file

@ -8,20 +8,16 @@ Please see the [godoc](https://godoc.org/github.com/opencontainers/go-digest) fo
# What is a digest? # What is a digest?
A digest is just a hash. A digest is just a [hash](https://en.wikipedia.org/wiki/Hash_function).
The most common use case for a digest is to create a content The most common use case for a digest is to create a content identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage) systems:
identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage)
systems:
```go ```go
id := digest.FromBytes([]byte("my content")) id := digest.FromBytes([]byte("my content"))
``` ```
In the example above, the id can be used to uniquely identify In the example above, the id can be used to uniquely identify the byte slice "my content".
the byte slice "my content". This allows two disparate applications This allows two disparate applications to agree on a verifiable identifier without having to trust one another.
to agree on a verifiable identifier without having to trust one
another.
An identifying digest can be verified, as follows: An identifying digest can be verified, as follows:
@ -31,8 +27,7 @@ if id != digest.FromBytes([]byte("my content")) {
} }
``` ```
A `Verifier` type can be used to handle cases where an `io.Reader` A `Verifier` type can be used to handle cases where an `io.Reader` makes more sense:
makes more sense:
```go ```go
rd := getContent() rd := getContent()
@ -44,18 +39,14 @@ if !verifier.Verified() {
} }
``` ```
Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this can power a rich, safe, content distribution system.
can power a rich, safe, content distribution system.
# Usage # Usage
While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is considered the best resource, a few important items need to be called out when using this package.
considered the best resource, a few important items need to be called
out when using this package.
1. Make sure to import the hash implementations into your application 1. Make sure to import the hash implementations into your application or the package will panic.
or the package will panic. You should have something like the You should have something like the following in the main (or other entrypoint) of your application:
following in the main (or other entrypoint) of your application:
```go ```go
import ( import (
@ -66,11 +57,10 @@ out when using this package.
This may seem inconvenient but it allows you replace the hash This may seem inconvenient but it allows you replace the hash
implementations with others, such as https://github.com/stevvooe/resumable. implementations with others, such as https://github.com/stevvooe/resumable.
2. Even though `digest.Digest` may be assemable as a string, _always_ 2. Even though `digest.Digest` may be assemblable as a string, _always_ verify your input with `digest.Parse` or use `Digest.Validate` when accepting untrusted input.
verify your input with `digest.Parse` or use `Digest.Validate` While there are measures to avoid common problems, this will ensure you have valid digests in the rest of your application.
when accepting untrusted input. While there are measures to
avoid common problems, this will ensure you have valid digests 3. While alternative encodings of hash values (digests) are possible (for example, base64), this package deals exclusively with hex-encoded digests.
in the rest of your application.
# Stability # Stability
@ -80,25 +70,27 @@ As always, before using a package export, read the [godoc](https://godoc.org/git
# Contributing # Contributing
This package is considered fairly complete. It has been in production This package is considered fairly complete.
in thousands (millions?) of deployments and is fairly battle-hardened. It has been in production in thousands (millions?) of deployments and is fairly battle-hardened.
New additions will be met with skepticism. If you think there is a New additions will be met with skepticism.
missing feature, please file a bug clearly describing the problem and If you think there is a missing feature, please file a bug clearly describing the problem and the alternatives you tried before submitting a PR.
the alternatives you tried before submitting a PR.
# Reporting security issues ## Code of Conduct
Please DO NOT file a public issue, instead send your report privately to Participation in the OpenContainers community is governed by [OpenContainer's Code of Conduct][code-of-conduct].
security@opencontainers.org.
The maintainers take security seriously. If you discover a security issue, ## Security
please bring it to their attention right away!
If you are reporting a security issue, do not create an issue or file a pull If you find an issue, please follow the [security][security] protocol to report it.
request on GitHub. Instead, disclose the issue responsibly by sending an email
to security@opencontainers.org (which is inhabited only by the maintainers of
the various OCI projects).
# Copyright and license # Copyright and license
Copyright © 2016 Docker, Inc. All rights reserved, except as follows. Code is released under the [Apache 2.0 license](LICENSE.code). This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs). You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/. Copyright © 2019, 2020 OCI Contributors
Copyright © 2016 Docker, Inc.
All rights reserved, except as follows.
Code is released under the [Apache 2.0 license](LICENSE).
This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs).
You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/.
[security]: https://github.com/opencontainers/org/blob/master/security
[code-of-conduct]: https://github.com/opencontainers/org/blob/master/CODE_OF_CONDUCT.md

View file

@ -1,3 +1,4 @@
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");

View file

@ -1,3 +1,4 @@
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");

View file

@ -1,3 +1,4 @@
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");

View file

@ -1,3 +1,4 @@
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");
@ -29,8 +30,13 @@
// //
// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc // sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc
// //
// In this case, the string "sha256" is the algorithm and the hex bytes are // The "algorithm" portion defines both the hashing algorithm used to calculate
// the "digest". // the digest and the encoding of the resulting digest, which defaults to "hex"
// if not otherwise specified. Currently, all supported algorithms have their
// digests encoded in hex strings.
//
// In the example above, the string "sha256" is the algorithm and the hex bytes
// are the "digest".
// //
// Because the Digest type is simply a string, once a valid Digest is // Because the Digest type is simply a string, once a valid Digest is
// obtained, comparisons are cheap, quick and simple to express with the // obtained, comparisons are cheap, quick and simple to express with the

3
vendor/github.com/opencontainers/go-digest/go.mod generated vendored Normal file
View file

@ -0,0 +1,3 @@
module github.com/opencontainers/go-digest
go 1.13

View file

@ -1,3 +1,4 @@
// Copyright 2019, 2020 OCI Contributors
// Copyright 2017 Docker, Inc. // Copyright 2017 Docker, Inc.
// //
// Licensed under the Apache License, Version 2.0 (the "License"); // Licensed under the Apache License, Version 2.0 (the "License");

2
vendor/modules.txt vendored
View file

@ -103,7 +103,7 @@ github.com/mitchellh/mapstructure
# github.com/ncw/swift v1.0.47 # github.com/ncw/swift v1.0.47
github.com/ncw/swift github.com/ncw/swift
github.com/ncw/swift/swifttest github.com/ncw/swift/swifttest
# github.com/opencontainers/go-digest v1.0.0-rc1 # github.com/opencontainers/go-digest v1.0.0
github.com/opencontainers/go-digest github.com/opencontainers/go-digest
# github.com/opencontainers/image-spec v1.0.1 # github.com/opencontainers/image-spec v1.0.1
github.com/opencontainers/image-spec/specs-go github.com/opencontainers/image-spec/specs-go