From fa81e791276f12a4ab1ad5483f97396010396d89 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 15 Oct 2024 07:59:46 +0800 Subject: [PATCH 1/8] fix: fix debug log (#1061) Signed-off-by: Patrick Zheng --- internal/trace/context.go | 1 + internal/trace/transport.go | 42 +++++++++++++++++++++++--------- test/e2e/suite/command/verify.go | 2 +- test/e2e/suite/plugin/verify.go | 10 ++++---- 4 files changed, 37 insertions(+), 18 deletions(-) diff --git a/internal/trace/context.go b/internal/trace/context.go index 8563d73ee..322696062 100644 --- a/internal/trace/context.go +++ b/internal/trace/context.go @@ -48,6 +48,7 @@ func WithLoggerLevel(ctx context.Context, level logrus.Level) context.Context { // create logger logger := logrus.New() + formatter.DisableQuote = true logger.SetFormatter(&formatter) logger.SetLevel(level) diff --git a/internal/trace/transport.go b/internal/trace/transport.go index 6d6f9546c..5c631c62b 100644 --- a/internal/trace/transport.go +++ b/internal/trace/transport.go @@ -31,13 +31,27 @@ package trace import ( "context" + "fmt" "net/http" "strings" + "sync/atomic" "github.com/notaryproject/notation-go/log" "github.com/sirupsen/logrus" ) +var ( + // requestCount records the number of logged request-response pairs and will + // be used as the unique id for the next pair. + requestCount uint64 + + // toScrub is a set of headers that should be scrubbed from the log. + toScrub = []string{ + "Authorization", + "Set-Cookie", + } +) + // Transport is an http.RoundTripper that keeps track of the in-flight // request and add hooks to report HTTP tracing events. type Transport struct { @@ -50,39 +64,43 @@ func NewTransport(base http.RoundTripper) *Transport { // RoundTrip calls base roundtrip while keeping track of the current request. func (t *Transport) RoundTrip(req *http.Request) (resp *http.Response, err error) { + id := atomic.AddUint64(&requestCount, 1) - 1 ctx := req.Context() e := log.GetLogger(ctx) - e.Debugf("> Request: %q %q", req.Method, req.URL) - e.Debugf("> Request headers:") - logHeader(req.Header, e) + // log the request + e.Debugf("Request #%d\n> Request: %q %q\n> Request headers:\n%s", + id, req.Method, req.URL, logHeader(req.Header)) + // log the response resp, err = t.RoundTripper.RoundTrip(req) if err != nil { e.Errorf("Error in getting response: %w", err) } else if resp == nil { e.Errorf("No response obtained for request %s %q", req.Method, req.URL) } else { - e.Debugf("< Response status: %q", resp.Status) - e.Debugf("< Response headers:") - logHeader(resp.Header, e) + e.Debugf("Response #%d\n< Response status: %q\n< Response headers:\n%s", + id, resp.Status, logHeader(resp.Header)) } return resp, err } // logHeader prints out the provided header keys and values, with auth header // scrubbed. -func logHeader(header http.Header, e log.Logger) { +func logHeader(header http.Header) string { if len(header) > 0 { + headers := []string{} for k, v := range header { - if strings.EqualFold(k, "Authorization") { - v = []string{"*****"} + for _, h := range toScrub { + if strings.EqualFold(k, h) { + v = []string{"*****"} + } } - e.Debugf(" %q: %q", k, strings.Join(v, ", ")) + headers = append(headers, fmt.Sprintf(" %q: %q", k, strings.Join(v, ", "))) } - } else { - e.Debugf(" Empty header") + return strings.Join(headers, "\n") } + return " Empty header" } // SetHTTPDebugLog sets up http debug log with logrus.Logger diff --git a/test/e2e/suite/command/verify.go b/test/e2e/suite/command/verify.go index 239b363b2..b0efdceee 100644 --- a/test/e2e/suite/command/verify.go +++ b/test/e2e/suite/command/verify.go @@ -253,7 +253,7 @@ var _ = Describe("notation verify", func() { notation.Exec("verify", artifact.ReferenceWithDigest(), "-v"). MatchKeyWords(VerifySuccessfully). - MatchErrKeyWords("Timestamp verification disabled: verifyTimestamp is set to \\\"afterCertExpiry\\\" and signing cert chain unexpired") + MatchErrKeyWords("Timestamp verification disabled: verifyTimestamp is set to \"afterCertExpiry\" and signing cert chain unexpired") }) }) }) diff --git a/test/e2e/suite/plugin/verify.go b/test/e2e/suite/plugin/verify.go index 51b76f7a7..520d5cf0b 100644 --- a/test/e2e/suite/plugin/verify.go +++ b/test/e2e/suite/plugin/verify.go @@ -46,7 +46,7 @@ var _ = Describe("notation plugin verify", func() { MatchErrKeyWords( "Plugin verify-signature request", "Plugin verify-signature response", - `{\"verificationResults\":{\"SIGNATURE_VERIFIER.REVOCATION_CHECK\":{\"success\":true},\"SIGNATURE_VERIFIER.TRUSTED_IDENTITY\":{\"success\":true}},\"processedAttributes\":null}`). + `{"verificationResults":{"SIGNATURE_VERIFIER.REVOCATION_CHECK":{"success":true},"SIGNATURE_VERIFIER.TRUSTED_IDENTITY":{"success":true}},"processedAttributes":null}`). MatchKeyWords(VerifySuccessfully) }) }) @@ -77,7 +77,7 @@ var _ = Describe("notation plugin verify", func() { MatchErrKeyWords( "Plugin verify-signature request", "Plugin verify-signature response", - `revocation check by verification plugin \"e2e-plugin\" failed with reason \"revocation check failed\"`, + `revocation check by verification plugin "e2e-plugin" failed with reason "revocation check failed"`, VerifyFailed) }) }) @@ -108,7 +108,7 @@ var _ = Describe("notation plugin verify", func() { MatchErrKeyWords( "Plugin verify-signature request", "Plugin verify-signature response", - `trusted identify verification by plugin \"e2e-plugin\" failed with reason \"trusted identity check failed\"`, + `trusted identify verification by plugin "e2e-plugin" failed with reason "trusted identity check failed"`, VerifyFailed) }) }) @@ -138,7 +138,7 @@ var _ = Describe("notation plugin verify", func() { MatchErrKeyWords( "Plugin verify-signature request", "Plugin verify-signature response", - `{\"verificationResults\":{\"SIGNATURE_VERIFIER.REVOCATION_CHECK\":{\"success\":true},\"SIGNATURE_VERIFIER.TRUSTED_IDENTITY\":{\"success\":true}},\"processedAttributes\":null}`). + `{"verificationResults":{"SIGNATURE_VERIFIER.REVOCATION_CHECK":{"success":true},"SIGNATURE_VERIFIER.TRUSTED_IDENTITY":{"success":true}},"processedAttributes":null}`). MatchKeyWords(VerifySuccessfully) }) }) @@ -197,7 +197,7 @@ var _ = Describe("notation plugin verify", func() { MatchErrKeyWords( "Plugin verify-signature request", "Plugin verify-signature response", - `{\"verificationResults\":{\"SIGNATURE_VERIFIER.REVOCATION_CHECK\":{\"success\":true},\"SIGNATURE_VERIFIER.TRUSTED_IDENTITY\":{\"success\":true}},\"processedAttributes\":null}`). + `{"verificationResults":{"SIGNATURE_VERIFIER.REVOCATION_CHECK":{"success":true},"SIGNATURE_VERIFIER.TRUSTED_IDENTITY":{"success":true}},"processedAttributes":null}`). MatchKeyWords(VerifySuccessfully) }) }) From eb76e2ab4282eb1ef3b454e58a48cfecf27fe0fe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 15 Oct 2024 11:44:13 -0700 Subject: [PATCH 2/8] build(deps): Bump github.com/onsi/gomega from 1.34.1 to 1.34.2 in /test/e2e (#1049) Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega) from 1.34.1 to 1.34.2.
Release notes

Sourced from github.com/onsi/gomega's releases.

v1.34.2

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Changelog

Sourced from github.com/onsi/gomega's changelog.

1.34.2

Require Go 1.22+

Maintenance

  • bump ginkgo as well [c59c6dc]
  • bump to go 1.22 - remove x/exp dependency [8158b99]
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/onsi/gomega&package-manager=go_modules&previous-version=1.34.1&new-version=1.34.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- test/e2e/go.mod | 3 +-- test/e2e/go.sum | 6 ++---- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/test/e2e/go.mod b/test/e2e/go.mod index 8eb559a31..9a4c19a23 100644 --- a/test/e2e/go.mod +++ b/test/e2e/go.mod @@ -5,7 +5,7 @@ go 1.23 require ( github.com/notaryproject/notation-core-go v1.2.0-rc.1 github.com/onsi/ginkgo/v2 v2.20.2 - github.com/onsi/gomega v1.34.1 + github.com/onsi/gomega v1.34.2 github.com/opencontainers/image-spec v1.1.0 oras.land/oras-go/v2 v2.5.0 ) @@ -20,7 +20,6 @@ require ( github.com/opencontainers/go-digest v1.0.0 // indirect github.com/veraison/go-cose v1.1.0 // indirect github.com/x448/float16 v0.8.4 // indirect - golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect golang.org/x/net v0.28.0 // indirect golang.org/x/sync v0.8.0 // indirect golang.org/x/sys v0.24.0 // indirect diff --git a/test/e2e/go.sum b/test/e2e/go.sum index 5b9cd34bb..d423acdd3 100644 --- a/test/e2e/go.sum +++ b/test/e2e/go.sum @@ -16,8 +16,8 @@ github.com/notaryproject/tspclient-go v0.2.0 h1:g/KpQGmyk/h7j60irIRG1mfWnibNOzJ8 github.com/notaryproject/tspclient-go v0.2.0/go.mod h1:LGyA/6Kwd2FlM0uk8Vc5il3j0CddbWSHBj/4kxQDbjs= github.com/onsi/ginkgo/v2 v2.20.2 h1:7NVCeyIWROIAheY21RLS+3j2bb52W0W82tkberYytp4= github.com/onsi/ginkgo/v2 v2.20.2/go.mod h1:K9gyxPIlb+aIvnZ8bd9Ak+YP18w3APlR+5coaZoE2ag= -github.com/onsi/gomega v1.34.1 h1:EUMJIKUjM8sKjYbtxQI9A4z2o+rruxnzNvpknOXie6k= -github.com/onsi/gomega v1.34.1/go.mod h1:kU1QgUvBDLXBJq618Xvm2LUX6rSAfRaFRTcdOeDLwwY= +github.com/onsi/gomega v1.34.2 h1:pNCwDkzrsv7MS9kpaQvVb1aVLahQXyJ/Tv5oAZMI3i8= +github.com/onsi/gomega v1.34.2/go.mod h1:v1xfxRgk0KIsG+QOdm7p8UosrOzPYRo60fd3B/1Dukc= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.1.0 h1:8SG7/vwALn54lVB/0yZ/MMwhFrPYtpEHQb2IpWsCzug= @@ -32,8 +32,6 @@ github.com/x448/float16 v0.8.4 h1:qLwI1I70+NjRFUR3zs1JPUCgaCXSh3SW62uAKT1mSBM= github.com/x448/float16 v0.8.4/go.mod h1:14CWIYCyZA/cWjXOioeEpHeN/83MdbZDRQHoFcYsOfg= golang.org/x/crypto v0.27.0 h1:GXm2NjJrPaiv/h1tb2UH8QfgC/hOf/+z0p6PT8o1w7A= golang.org/x/crypto v0.27.0/go.mod h1:1Xngt8kV6Dvbssa53Ziq6Eqn0HqbZi5Z6R0ZpwQzt70= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 h1:2dVuKD2vS7b0QIHQbpyTISPd0LeHDbnYEryqj5Q1ug8= -golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56/go.mod h1:M4RDyNAINzryxdtnbRXRL/OHtkFuWGRjvuhBJpk2IlY= golang.org/x/net v0.28.0 h1:a9JDOJc5GMUJ0+UDqmLT86WiEy7iWyIhz8gz8E4e5hE= golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= golang.org/x/sync v0.8.0 h1:3NFvSEYkUoMifnESzZl15y791HH1qU2xm6eCJU5ZPXQ= From 445030b6419bcc0a38afa261beac10b1d7a31b53 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Sat, 2 Nov 2024 01:39:43 +0800 Subject: [PATCH 3/8] test: add unit tests (#1075) This PR intends to add more unit tests to increase the code coverage. --------- Signed-off-by: Patrick Zheng --- .github/.codecov.yml | 5 +- .../truststore/testdata/NotationTestRoot.pem | 27 +++++ .../internal/truststore/testdata/invalid.txt | 1 + .../truststore/testdata/self-signed.crt | 20 ++++ .../truststore/x509/ca/test/self-signed.crt | 20 ++++ .../internal/truststore/truststore.go | 2 +- .../internal/truststore/truststore_test.go | 106 ++++++++++++++++-- cmd/notation/plugin/install.go | 2 +- cmd/notation/plugin/install_test.go | 96 ++++++++++++++++ 9 files changed, 269 insertions(+), 10 deletions(-) create mode 100644 cmd/notation/internal/truststore/testdata/NotationTestRoot.pem create mode 100644 cmd/notation/internal/truststore/testdata/invalid.txt create mode 100644 cmd/notation/internal/truststore/testdata/self-signed.crt create mode 100644 cmd/notation/internal/truststore/testdata/truststore/x509/ca/test/self-signed.crt create mode 100644 cmd/notation/plugin/install_test.go diff --git a/.github/.codecov.yml b/.github/.codecov.yml index f1f634615..5cb09045b 100644 --- a/.github/.codecov.yml +++ b/.github/.codecov.yml @@ -15,4 +15,7 @@ coverage: status: project: default: - target: 70% \ No newline at end of file + target: 70% + patch: + default: + target: 80% diff --git a/cmd/notation/internal/truststore/testdata/NotationTestRoot.pem b/cmd/notation/internal/truststore/testdata/NotationTestRoot.pem new file mode 100644 index 000000000..aa23820da --- /dev/null +++ b/cmd/notation/internal/truststore/testdata/NotationTestRoot.pem @@ -0,0 +1,27 @@ +-----BEGIN CERTIFICATE----- +MIIEizCCAvOgAwIBAgIBATANBgkqhkiG9w0BAQsFADBaMQswCQYDVQQGEwJVUzEL +MAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEb +MBkGA1UEAxMSTm90YXRpb24gVGVzdCBSb290MCAXDTIwMDkwOTA3MDAwMFoYDzIx +MjIwOTA1MjAzODQ1WjBaMQswCQYDVQQGEwJVUzELMAkGA1UECBMCV0ExEDAOBgNV +BAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEbMBkGA1UEAxMSTm90YXRpb24g +VGVzdCBSb290MIIBojANBgkqhkiG9w0BAQEFAAOCAY8AMIIBigKCAYEAxxAZ8VZe +gqBUctz3BkwhObZKnW+KsN5/N1/u2vPLmEzHDj6xgd8Hn0JoughDaxeQCV66NC2o +bqPnPp4+68G/qZnxkXVXdFyqVodu4FgPUjiqcJjft7bh45BVgLFpOqSqDQ3ko30B +7gdGfIIkoBj/8gz3tHnmIvl3MywtOhDeGnlLNzBY52wVmhPIdKOaW/7WkMrXKFCk +LkNICGnIpWuyBtC+7RfM8hG6eRW1KCm5xrkRmn5ptonjxix/JTGj4me/NMkwdVkz +6wcCSAJnqTgHi2oqk73qqNu0LHsEMFBF8IGqmVkn2MOHkFamPBokzQ6HXXfvR4nb +cWQZCUgRinPTVg9CF0B6XSCEMCSH5kveZxTQtAFRB6NosbzuU5jDmJgpbDfauev7 +Eg/6bZzphcugRkVuwulymzsake5Jbvs9Kyw3CNPYH2G3Kli1FNhfc46ugXHbIfXg +NQcou3xabcu+r6cFRqqK6NmV9ouMQRj8Ri95Gp2BUlpTEFhcvMb9d4nXAgMBAAGj +WjBYMA4GA1UdDwEB/wQEAwICBDATBgNVHSUEDDAKBggrBgEFBQcDAzASBgNVHRMB +Af8ECDAGAQH/AgEBMB0GA1UdDgQWBBS5FZjt9UsEPkcKrStrnjSpTq4kDTANBgkq +hkiG9w0BAQsFAAOCAYEAKtxfv12LzM85bxOMp5++pIDa6eMcBaurYbAM2yC9B6Lu +Hf0JGeFdNqt4Fw38Ajooj2vWMWBrARVEZRVqTC5+ZSN2meGBXBXlT4n8FdEdmv+0 +5iwVYdmDFp8FKeoOZZZF23u+r2OrazJo1ufWmoSI2P0lEfZQQFQElltWu3QH+OLO +WXJmB7KbLKyheelGK5XhtAYYapRdW4sKJ398ybpv5C1oALCcTwoSmvH8wW5J4/gj +mhKICYh2goMauf0lesdxj+0His7E8blOWrUmfOB5dp73XawLKcd/UxHN8zAPC08L +DL9NMcihn3ZHKi7/dtkiV2iSaDPD1ChSGdqfXIysYqOhYoktgAfBZ43CWnqQhgB8 +NezRKdOStYC3P2AGJW18irxxTRp2CO+gnXEcyhyr+cvyf0j8MkRSaHLXzjIrECu8 +BUitB6sKughdN13fs5t5SIiO6foeFdvIpZFFKO8s+4oTOSDCos2WFoC+8TZS6r58 +3OtFLmywl1HRgQkobGgw +-----END CERTIFICATE----- diff --git a/cmd/notation/internal/truststore/testdata/invalid.txt b/cmd/notation/internal/truststore/testdata/invalid.txt new file mode 100644 index 000000000..98eea0a15 --- /dev/null +++ b/cmd/notation/internal/truststore/testdata/invalid.txt @@ -0,0 +1 @@ +invalid test cert diff --git a/cmd/notation/internal/truststore/testdata/self-signed.crt b/cmd/notation/internal/truststore/testdata/self-signed.crt new file mode 100644 index 000000000..dd0094e90 --- /dev/null +++ b/cmd/notation/internal/truststore/testdata/self-signed.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPjCCAiagAwIBAgIBeTANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJVUzEL +MAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEP +MA0GA1UEAxMGYWxwaW5lMB4XDTIzMDUwOTA0NTUxMloXDTMzMDUxMDA0NTUxMlow +TjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMQ8w +DQYDVQQKEwZOb3RhcnkxDzANBgNVBAMTBmFscGluZTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAK5hpq1229GGLjMK6i9KZhuUO+SV7rUFnWIDiIPO5yWx +YDkl+bGroeAvJYu6MVCMQ6FMRXD9jhnG6R+sAHwY7gVgcJ1OXak87PkLp/Ii1Cr7 +XkkySZeD+Br1vSQzfxs3pFG+iBCeVVkeZdsg+xqwnAlqAILXwIbTGRyJP1Xiu9nw +OeuX1YmxPl2m29Pt1EtfVCL9COsVKt5LgOVyWP/9ISWevOBqSCU9bk35HFo9VTeU +f6+ffhSMjv0Y9uwkFFOKXpcV8Sa3ArqyBmgQlUfGg1iwYlqiDE0fTYxiB3gLgETA +lmTm50J+WB9LoDrnrQpbXFLoegm+JV+uSD8J8H7DL2sCAwEAAaMnMCUwDgYDVR0P +AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBCwUAA4IB +AQAt0Nvna1c4pPn8kzoN5VvmFmeIgdO/BJpmdhdg0WIQ9aeN/xPXXaVjPp1Mk7ed +XHAvBwQr0Gyzqyy7g/h0gdnAFG7f6blrRNzbrRBCq6cNqX8iwgK/9+2OYKxk1QWj +8Gx0cvu1DN1aXjPPGgQ2j3tHjJvJv32J/zuZa8gU40RPPSLaBlc5ZjpFmyi29sKl +TeeZ+F/Ssic51qXXw2CsYGGWK5yQ3xSCxbw6bb2G/s/YI7/KlWg9BktBJHzRu04Z +NR77W7/dyJ3Lj17PlW1XKmMOFHsQivagXeRCbmYZ43fX4ugFRFKL7KE0EgmGOWpJ +0xv+6ig93sqHzQ/0uv1YgFov +-----END CERTIFICATE----- diff --git a/cmd/notation/internal/truststore/testdata/truststore/x509/ca/test/self-signed.crt b/cmd/notation/internal/truststore/testdata/truststore/x509/ca/test/self-signed.crt new file mode 100644 index 000000000..dd0094e90 --- /dev/null +++ b/cmd/notation/internal/truststore/testdata/truststore/x509/ca/test/self-signed.crt @@ -0,0 +1,20 @@ +-----BEGIN CERTIFICATE----- +MIIDPjCCAiagAwIBAgIBeTANBgkqhkiG9w0BAQsFADBOMQswCQYDVQQGEwJVUzEL +MAkGA1UECBMCV0ExEDAOBgNVBAcTB1NlYXR0bGUxDzANBgNVBAoTBk5vdGFyeTEP +MA0GA1UEAxMGYWxwaW5lMB4XDTIzMDUwOTA0NTUxMloXDTMzMDUxMDA0NTUxMlow +TjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAldBMRAwDgYDVQQHEwdTZWF0dGxlMQ8w +DQYDVQQKEwZOb3RhcnkxDzANBgNVBAMTBmFscGluZTCCASIwDQYJKoZIhvcNAQEB +BQADggEPADCCAQoCggEBAK5hpq1229GGLjMK6i9KZhuUO+SV7rUFnWIDiIPO5yWx +YDkl+bGroeAvJYu6MVCMQ6FMRXD9jhnG6R+sAHwY7gVgcJ1OXak87PkLp/Ii1Cr7 +XkkySZeD+Br1vSQzfxs3pFG+iBCeVVkeZdsg+xqwnAlqAILXwIbTGRyJP1Xiu9nw +OeuX1YmxPl2m29Pt1EtfVCL9COsVKt5LgOVyWP/9ISWevOBqSCU9bk35HFo9VTeU +f6+ffhSMjv0Y9uwkFFOKXpcV8Sa3ArqyBmgQlUfGg1iwYlqiDE0fTYxiB3gLgETA +lmTm50J+WB9LoDrnrQpbXFLoegm+JV+uSD8J8H7DL2sCAwEAAaMnMCUwDgYDVR0P +AQH/BAQDAgeAMBMGA1UdJQQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBCwUAA4IB +AQAt0Nvna1c4pPn8kzoN5VvmFmeIgdO/BJpmdhdg0WIQ9aeN/xPXXaVjPp1Mk7ed +XHAvBwQr0Gyzqyy7g/h0gdnAFG7f6blrRNzbrRBCq6cNqX8iwgK/9+2OYKxk1QWj +8Gx0cvu1DN1aXjPPGgQ2j3tHjJvJv32J/zuZa8gU40RPPSLaBlc5ZjpFmyi29sKl +TeeZ+F/Ssic51qXXw2CsYGGWK5yQ3xSCxbw6bb2G/s/YI7/KlWg9BktBJHzRu04Z +NR77W7/dyJ3Lj17PlW1XKmMOFHsQivagXeRCbmYZ43fX4ugFRFKL7KE0EgmGOWpJ +0xv+6ig93sqHzQ/0uv1YgFov +-----END CERTIFICATE----- diff --git a/cmd/notation/internal/truststore/truststore.go b/cmd/notation/internal/truststore/truststore.go index 39edb0658..c2365a18f 100644 --- a/cmd/notation/internal/truststore/truststore.go +++ b/cmd/notation/internal/truststore/truststore.go @@ -194,7 +194,7 @@ func DeleteCert(storeType, namedStore, cert string, confirmed bool) error { return nil } -// CheckNonErrNotExistError returns nil when no err or err is fs.ErrNotExist +// CheckNonErrNotExistError returns nil when err is nil or err is fs.ErrNotExist func CheckNonErrNotExistError(err error) error { if err != nil && !errors.Is(err, fs.ErrNotExist) { return err diff --git a/cmd/notation/internal/truststore/truststore_test.go b/cmd/notation/internal/truststore/truststore_test.go index 2693fb4c9..b8aab3635 100644 --- a/cmd/notation/internal/truststore/truststore_test.go +++ b/cmd/notation/internal/truststore/truststore_test.go @@ -15,15 +15,107 @@ package truststore import ( "errors" + "os" "path/filepath" + "runtime" + "strings" "testing" + + "github.com/notaryproject/notation-go/dir" ) -func TestEmptyCertFile(t *testing.T) { - path := filepath.FromSlash("../../../../internal/testdata/Empty.txt") - expectedErr := errors.New("no valid certificate found in the empty file") - err := AddCert(path, "ca", "test", false) - if err == nil || err.Error() != "no valid certificate found in the file" { - t.Fatalf("expected err: %v, got: %v", expectedErr, err) - } +func TestAddCert(t *testing.T) { + defer func(oldDir string) { + dir.UserConfigDir = oldDir + }(dir.UserConfigDir) + + t.Run("empty store type", func(t *testing.T) { + expectedErrMsg := "store type cannot be empty" + err := AddCert("", "", "test", false) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected err: %v, but got: %v", expectedErrMsg, err) + } + }) + + t.Run("invalid store type", func(t *testing.T) { + expectedErrMsg := "unsupported store type: invalid" + err := AddCert("", "invalid", "test", false) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected err: %v, but got: %v", expectedErrMsg, err) + } + }) + + t.Run("invalid store name", func(t *testing.T) { + expectedErrMsg := "named store name needs to follow [a-zA-Z0-9_.-]+ format" + err := AddCert("", "ca", "test%", false) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected err: %v, but got: %v", expectedErrMsg, err) + } + }) + + t.Run("no valid certificate in file", func(t *testing.T) { + path := filepath.FromSlash("testdata/invalid.txt") + expectedErrMsg := "x509: malformed certificate" + err := AddCert(path, "ca", "test", false) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected err: %v, but got: %v", expectedErrMsg, err) + } + }) + + t.Run("cert already exists", func(t *testing.T) { + dir.UserConfigDir = "testdata" + path := filepath.FromSlash("testdata/self-signed.crt") + expectedErrMsg := "certificate already exists in the Trust Store" + err := AddCert(path, "ca", "test", false) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected err: %v, but got: %v", expectedErrMsg, err) + } + }) + + t.Run("empty file", func(t *testing.T) { + path := filepath.FromSlash("../../../../internal/testdata/Empty.txt") + expectedErr := errors.New("no valid certificate found in the empty file") + err := AddCert(path, "ca", "test", false) + if err == nil || err.Error() != "no valid certificate found in the file" { + t.Fatalf("expected err: %v, but got: %v", expectedErr, err) + } + }) + + t.Run("failed to add cert to store", func(t *testing.T) { + if runtime.GOOS == "windows" { + t.Skip("skipping test on Windows") + } + + dir.UserConfigDir = t.TempDir() + if err := os.Chmod(dir.UserConfigDir, 0000); err != nil { + t.Fatal(err) + } + defer os.Chmod(dir.UserConfigDir, 0700) + + path := filepath.FromSlash("testdata/NotationTestRoot.pem") + expectedErrMsg := "permission denied" + err := AddCert(path, "ca", "test", false) + if err == nil || !strings.Contains(err.Error(), expectedErrMsg) { + t.Fatalf("expected err: %v, but got: %v", expectedErrMsg, err) + } + }) +} + +func TestDeleteAllCerts(t *testing.T) { + defer func(oldDir string) { + dir.UserConfigDir = oldDir + }(dir.UserConfigDir) + + t.Run("store does not exist", func(t *testing.T) { + if runtime.GOOS == "windows" { + t.Skip("skipping test on Windows") + } + + dir.UserConfigDir = "testdata" + expectedErrMsg := `stat testdata/truststore/x509/tsa/test: no such file or directory` + err := DeleteAllCerts("tsa", "test", true) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected err: %v, but got: %v", expectedErrMsg, err) + } + }) } diff --git a/cmd/notation/plugin/install.go b/cmd/notation/plugin/install.go index b7538fc16..d79924e10 100644 --- a/cmd/notation/plugin/install.go +++ b/cmd/notation/plugin/install.go @@ -132,7 +132,7 @@ func install(command *cobra.Command, opts *pluginInstallOpts) error { } pluginURL, err := url.Parse(opts.pluginSource) if err != nil { - return fmt.Errorf("failed to parse plugin download URL %s with error: %w", pluginURL, err) + return fmt.Errorf("failed to parse plugin download URL %s with error: %w", opts.pluginSource, err) } if pluginURL.Scheme != "https" { return fmt.Errorf("failed to download plugin from URL: only the HTTPS scheme is supported, but got %s", pluginURL.Scheme) diff --git a/cmd/notation/plugin/install_test.go b/cmd/notation/plugin/install_test.go new file mode 100644 index 000000000..6f583d7ed --- /dev/null +++ b/cmd/notation/plugin/install_test.go @@ -0,0 +1,96 @@ +// Copyright The Notary Project Authors. +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package plugin + +import ( + "context" + "os" + "path/filepath" + "runtime" + "strings" + "testing" + + notationplugin "github.com/notaryproject/notation/cmd/notation/internal/plugin" + "github.com/notaryproject/notation/internal/osutil" + "github.com/spf13/cobra" +) + +func TestInstall(t *testing.T) { + t.Run("invalid plugin source url", func(t *testing.T) { + opts := &pluginInstallOpts{ + pluginSourceType: notationplugin.PluginSourceTypeURL, + inputChecksum: "dummy", + pluginSource: "http://[::1]/%", + } + expectedErrMsg := `failed to parse plugin download URL http://[::1]/% with error: parse "http://[::1]/%": invalid URL escape "%"` + err := install(&cobra.Command{}, opts) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected error %s, but got %s", expectedErrMsg, err) + } + }) + + t.Run("unknown plugin source type", func(t *testing.T) { + opts := &pluginInstallOpts{ + pluginSourceType: -1, + } + expectedErrMsg := `plugin installation failed: unknown plugin source type` + err := install(&cobra.Command{}, opts) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected error %s, but got %s", expectedErrMsg, err) + } + }) +} + +func TestInstallPlugin(t *testing.T) { + ctx := context.Background() + t.Run("input path does not exist", func(t *testing.T) { + if runtime.GOOS == "windows" { + t.Skip("skipping test on Windows") + } + expectedErrMsg := `stat invalid: no such file or directory` + err := installPlugin(ctx, "invalid", "", false) + if err == nil || err.Error() != expectedErrMsg { + t.Fatalf("expected error %s, but got %s", expectedErrMsg, err) + } + }) + + t.Run("failed to get file type", func(t *testing.T) { + if runtime.GOOS == "windows" { + t.Skip("skipping test on Windows") + } + + tempDir := t.TempDir() + data := []byte("data") + filename := filepath.Join(tempDir, "a", "file.txt") + if err := osutil.WriteFile(filename, data); err != nil { + t.Fatal(err) + } + err := os.Chmod(tempDir, 0) + if err != nil { + t.Fatal(err) + } + defer func() { + err := os.Chmod(tempDir, 0700) + if err != nil { + t.Fatal(err) + } + }() + + expectedErrMsg := `permission denied` + err = installPlugin(ctx, filename, "", false) + if err == nil || !strings.Contains(err.Error(), expectedErrMsg) { + t.Fatalf("expected permission denied error, but got %s", err) + } + }) +} From 23ff62e25ea8c408a7c6e894df488cfc901bc5a0 Mon Sep 17 00:00:00 2001 From: Patrick Zheng Date: Tue, 5 Nov 2024 11:35:24 +0800 Subject: [PATCH 4/8] fix: discard crl cache error (#1076) Signed-off-by: Patrick Zheng --- cmd/notation/verify.go | 1 + cmd/notation/verify_test.go | 40 +++++++++++++++++++++++++++++++++++++ 2 files changed, 41 insertions(+) diff --git a/cmd/notation/verify.go b/cmd/notation/verify.go index 8943c087c..4565abeb9 100644 --- a/cmd/notation/verify.go +++ b/cmd/notation/verify.go @@ -246,6 +246,7 @@ func getVerifier(ctx context.Context) (notation.Verifier, error) { if err != nil { return nil, err } + crlFetcher.DiscardCacheError = true // discard cache error revocationCodeSigningValidator, err := revocation.NewWithOptions(revocation.Options{ OCSPHTTPClient: ocspHttpClient, CRLFetcher: crlFetcher, diff --git a/cmd/notation/verify_test.go b/cmd/notation/verify_test.go index 23954e11f..4eb5e0e41 100644 --- a/cmd/notation/verify_test.go +++ b/cmd/notation/verify_test.go @@ -15,11 +15,15 @@ package main import ( "context" + "encoding/json" + "os" + "path/filepath" "reflect" "runtime" "testing" "github.com/notaryproject/notation-go/dir" + "github.com/notaryproject/notation-go/verifier/trustpolicy" ) func TestVerifyCommand_BasicArgs(t *testing.T) { @@ -86,6 +90,27 @@ func TestVerifyCommand_MissingArgs(t *testing.T) { } func TestGetVerifier(t *testing.T) { + defer func(oldConfiDir, oldCacheDir string) { + dir.UserConfigDir = oldConfiDir + dir.UserCacheDir = oldCacheDir + }(dir.UserConfigDir, dir.UserCacheDir) + + t.Run("success", func(t *testing.T) { + tempRoot := t.TempDir() + dir.UserConfigDir = tempRoot + path := filepath.Join(tempRoot, "trustpolicy.json") + policyJson, _ := json.Marshal(dummyOCIPolicyDocument()) + if err := os.WriteFile(path, policyJson, 0600); err != nil { + t.Fatalf("TestLoadOCIDocument write policy file failed. Error: %v", err) + } + t.Cleanup(func() { os.RemoveAll(tempRoot) }) + + _, err := getVerifier(context.Background()) + if err != nil { + t.Fatal(err) + } + }) + t.Run("non-existing trust policy", func(t *testing.T) { dir.UserConfigDir = "/" expectedErrMsg := "trust policy is not present. To create a trust policy, see: https://notaryproject.dev/docs/quickstart/#create-a-trust-policy" @@ -107,3 +132,18 @@ func TestGetVerifier(t *testing.T) { } }) } + +func dummyOCIPolicyDocument() trustpolicy.OCIDocument { + return trustpolicy.OCIDocument{ + Version: "1.0", + TrustPolicies: []trustpolicy.OCITrustPolicy{ + { + Name: "test-statement-name", + RegistryScopes: []string{"registry.acme-rockets.io/software/net-monitor"}, + SignatureVerification: trustpolicy.SignatureVerification{VerificationLevel: "strict"}, + TrustStores: []string{"ca:valid-trust-store", "signingAuthority:valid-trust-store"}, + TrustedIdentities: []string{"x509.subject:CN=Notation Test Root,O=Notary,L=Seattle,ST=WA,C=US"}, + }, + }, + } +} From 3c0f47870855b93353c5ee1a4b01a1d19707d756 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 06:54:19 +0000 Subject: [PATCH 5/8] build(deps): Bump codecov/codecov-action from 4.5.0 to 4.6.0 (#1054) --- .github/workflows/build.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a53ff7df9..4f16795ef 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -59,6 +59,6 @@ jobs: make e2e-covdata fi - name: Upload coverage to codecov.io - uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0 + uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} From 27ac51ecf96b19d66b0ed6eb0bd76ee47814ca53 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 06:57:26 +0000 Subject: [PATCH 6/8] build(deps): Bump github.com/notaryproject/notation-go from 1.2.0-beta.1.0.20240926015724-84c2ec076201 to 1.3.0-rc.1 in /test/e2e/plugin (#1051) --- test/e2e/plugin/go.mod | 2 +- test/e2e/plugin/go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/test/e2e/plugin/go.mod b/test/e2e/plugin/go.mod index 50b1f8928..7524d77b7 100644 --- a/test/e2e/plugin/go.mod +++ b/test/e2e/plugin/go.mod @@ -5,7 +5,7 @@ go 1.23 require ( github.com/golang-jwt/jwt v3.2.2+incompatible github.com/notaryproject/notation-core-go v1.2.0-rc.1 - github.com/notaryproject/notation-go v1.2.0-beta.1.0.20240926015724-84c2ec076201 + github.com/notaryproject/notation-go v1.3.0-rc.1 github.com/notaryproject/notation-plugin-framework-go v1.0.0 github.com/spf13/cobra v1.7.0 ) diff --git a/test/e2e/plugin/go.sum b/test/e2e/plugin/go.sum index a62b56746..e9735eacc 100644 --- a/test/e2e/plugin/go.sum +++ b/test/e2e/plugin/go.sum @@ -39,8 +39,8 @@ github.com/jcmturner/rpc/v2 v2.0.3 h1:7FXXj8Ti1IaVFpSAziCZWNzbNuZmnvw/i6CqLNdWfZ github.com/jcmturner/rpc/v2 v2.0.3/go.mod h1:VUJYCIDm3PVOEHw8sgt091/20OJjskO/YJki3ELg/Hc= github.com/notaryproject/notation-core-go v1.2.0-rc.1 h1:VMFlG+9a1JoNAQ3M96g8iqCq0cDRtE7XBaiTD8Ouvqw= github.com/notaryproject/notation-core-go v1.2.0-rc.1/go.mod h1:b/70rA4OgOHlg0A7pb8zTWKJadFO6781zS3a37KHEJQ= -github.com/notaryproject/notation-go v1.2.0-beta.1.0.20240926015724-84c2ec076201 h1:2QBYa9Df+vMwMiaHaFqPoUiwfx5vcPEgM7KbusivTpw= -github.com/notaryproject/notation-go v1.2.0-beta.1.0.20240926015724-84c2ec076201/go.mod h1:F6zMQl3PhVdCsI1xlIjK66kCorUQhWkoMtlZdvJWxFI= +github.com/notaryproject/notation-go v1.3.0-rc.1 h1:pm9tdUy2tWYqlwyRDZyKXgLwAscDATPUYv0ul2RK/Iw= +github.com/notaryproject/notation-go v1.3.0-rc.1/go.mod h1:W4o45yolX4Q+3PKlcpGleLLXEKWHa3BshEqw/JX5c6I= github.com/notaryproject/notation-plugin-framework-go v1.0.0 h1:6Qzr7DGXoCgXEQN+1gTZWuJAZvxh3p8Lryjn5FaLzi4= github.com/notaryproject/notation-plugin-framework-go v1.0.0/go.mod h1:RqWSrTOtEASCrGOEffq0n8pSg2KOgKYiWqFWczRSics= github.com/notaryproject/tspclient-go v0.2.0 h1:g/KpQGmyk/h7j60irIRG1mfWnibNOzJ8WhLqAzuiQAQ= From a165d244e65e127f380f5b2fbbb244233f3d0871 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 06:58:07 +0000 Subject: [PATCH 7/8] build(deps): Bump github.com/spf13/cobra from 1.7.0 to 1.8.1 in /test/e2e/plugin (#1050) --- test/e2e/plugin/go.mod | 2 +- test/e2e/plugin/go.sum | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/test/e2e/plugin/go.mod b/test/e2e/plugin/go.mod index 7524d77b7..86c8e3d58 100644 --- a/test/e2e/plugin/go.mod +++ b/test/e2e/plugin/go.mod @@ -7,7 +7,7 @@ require ( github.com/notaryproject/notation-core-go v1.2.0-rc.1 github.com/notaryproject/notation-go v1.3.0-rc.1 github.com/notaryproject/notation-plugin-framework-go v1.0.0 - github.com/spf13/cobra v1.7.0 + github.com/spf13/cobra v1.8.1 ) require ( diff --git a/test/e2e/plugin/go.sum b/test/e2e/plugin/go.sum index e9735eacc..c10a93932 100644 --- a/test/e2e/plugin/go.sum +++ b/test/e2e/plugin/go.sum @@ -2,7 +2,7 @@ github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358 h1:mFRzDkZVAjdal+ github.com/Azure/go-ntlmssp v0.0.0-20221128193559-754e69321358/go.mod h1:chxPXzSsl7ZWRAuOIE23GDNzjWuZquvFlgA8xmpunjU= github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa h1:LHTHcTQiSGT7VVbI0o4wBRNQIgn917usHWOd6VAffYI= github.com/alexbrainman/sspi v0.0.0-20231016080023-1a75b4708caa/go.mod h1:cEWa1LVoE5KvSD9ONXsZrj0z6KqySlCCNKHlLzbqAt4= -github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= +github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= @@ -52,8 +52,8 @@ github.com/opencontainers/image-spec v1.1.0/go.mod h1:W4s4sFTMaBeK1BQLXbG4AdM2sz github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I= -github.com/spf13/cobra v1.7.0/go.mod h1:uLxZILRyS/50WlhOIKD7W6V5bgeIt+4sICxh6uRMrb0= +github.com/spf13/cobra v1.8.1 h1:e5/vxKd/rZsfSJMUX1agtjeTDf+qv1/JdBF8gg5k9ZM= +github.com/spf13/cobra v1.8.1/go.mod h1:wHxEcudfqmLYa8iTfL+OuZPbBZkmvliBWKIezN3kD9Y= github.com/spf13/pflag v1.0.5 h1:iy+VFUOCP1a+8yFto/drg2CJ5u0yRoB7fZw3DKv/JXA= github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= From 83c6c8919c45e1528ae3d650156f7d3cf680ead9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 06:58:23 +0000 Subject: [PATCH 8/8] build(deps): Bump golang.org/x/term from 0.24.0 to 0.25.0 (#1055) --- go.mod | 4 ++-- go.sum | 8 ++++---- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index 1bd05a047..9bb1e865d 100644 --- a/go.mod +++ b/go.mod @@ -12,7 +12,7 @@ require ( github.com/spf13/cobra v1.8.1 github.com/spf13/pflag v1.0.5 golang.org/x/net v0.29.0 - golang.org/x/term v0.24.0 + golang.org/x/term v0.25.0 oras.land/oras-go/v2 v2.5.0 ) @@ -30,5 +30,5 @@ require ( golang.org/x/crypto v0.27.0 // indirect golang.org/x/mod v0.21.0 // indirect golang.org/x/sync v0.6.0 // indirect - golang.org/x/sys v0.25.0 // indirect + golang.org/x/sys v0.26.0 // indirect ) diff --git a/go.sum b/go.sum index 9eade9e6f..7040eb3aa 100644 --- a/go.sum +++ b/go.sum @@ -107,16 +107,16 @@ golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.25.0 h1:r+8e+loiHxRqhXVl6ML1nO3l1+oFoWbnlu2Ehimmi34= -golang.org/x/sys v0.25.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.26.0 h1:KHjCJyddX0LoSTb3J+vWpupP9p0oznkqVk/IfjymZbo= +golang.org/x/sys v0.26.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= -golang.org/x/term v0.24.0 h1:Mh5cbb+Zk2hqqXNO7S1iTjEphVL+jb8ZWaqh/g+JWkM= -golang.org/x/term v0.24.0/go.mod h1:lOBK/LVxemqiMij05LGJ0tzNr8xlmwBRJ81PX6wVLH8= +golang.org/x/term v0.25.0 h1:WtHI/ltw4NvSUig5KARz9h521QvRC8RmF/cuYqifU24= +golang.org/x/term v0.25.0/go.mod h1:RPyXicDX+6vLxogjjRxjgD2TKtmAO6NZBsBRfrOLu7M= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=