This package has moved to a separate module. Also added linting
rules to prevent accidental reintroduction.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Replaces uses of the github.com/mitchellh/mapstructure module, which
was deprecated by the owner and moved to new maintainership at
github.com/go-viper/mapstructure.
The old module is still referenced as indirect dependency (through
docker/cli and theupdateframework/notary), but not used in code, and
should eventually go away.
full diff: https://github.com/compose-spec/compose-go/compare/v2.1.1...v2.1.2
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Update buildkit dependency to v0.14.0-rc1. Update the tracing
infrastructure to use the new detect API which updates how the delegated
exporter is configured.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
This package is part of the classic builder, and was currently only used
for the IsURL utility, which is a very rudimentary check for a string having
a "https://" or "http://" scheme.
This patch copies the code as non-exported functions where they're used to
remove the dependency.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This version of docker/cli has changes to remove compose-cli wrapper and
move all CLI metrics to OTEL.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
Use a simplified local implementation that follow the same semantics,
so that we don't need k8s.io/apiserver as dependency.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: https://github.com/golang/net/compare/v0.22.0...v0.23.0
Includes a fix for CVE-2023-45288, which is also addressed in go1.22.2
and go1.21.9;
> http2: close connections when receiving too many headers
>
> Maintaining HPACK state requires that we parse and process
> all HEADERS and CONTINUATION frames on a connection.
> When a request's headers exceed MaxHeaderBytes, we don't
> allocate memory to store the excess headers but we do
> parse them. This permits an attacker to cause an HTTP/2
> endpoint to read arbitrary amounts of data, all associated
> with a request which is going to be rejected.
>
> Set a limit on the amount of excess header frames we
> will process before closing a connection.
>
> Thanks to Bartek Nowotarski for reporting this issue.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
The meter provider initialization that was located here has now been
moved to a common area in the docker cli. This upgrades our CLI version
and then uses this common code instead of our own version.
As a piece of additional functionality, the docker OTEL endpoint can now
be overwritten with `DOCKER_CLI_OTEL_EXPORTER_OTLP_ENDPOINT` for
testing.
This removes the OTLP exporter from the CLI that was previously locked
behind `BUILDX_EXPERIMENTAL`. I do plan for this to return, but as a
proper part of the `docker/cli` implementation rather than something
special with `buildx`.
Signed-off-by: Jonathan A. Sternberg <jonathan.sternberg@docker.com>
