Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package rootlesskit for openSUSE:Factory
checked in at 2025-05-20 09:31:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/rootlesskit (Old)
and /work/SRC/openSUSE:Factory/.rootlesskit.new.30101 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "rootlesskit"
Tue May 20 09:31:13 2025 rev:14 rq:1277816 version:2.3.5
Changes:
--------
--- /work/SRC/openSUSE:Factory/rootlesskit/rootlesskit.changes 2025-03-16
18:57:57.202879939 +0100
+++ /work/SRC/openSUSE:Factory/.rootlesskit.new.30101/rootlesskit.changes
2025-05-20 09:31:19.464287784 +0200
@@ -1,0 +2,14 @@
+Mon May 12 05:14:06 UTC 2025 - Madhankumar Chellamuthu
<madhankumar.chellamu...@suse.com>
+
+- Update to version 2.3.5:
+ * v2.3.5
+ * Dockerfile: update test deps
+ * Build(deps): Bump github.com/moby/vpnkit from 0.5.0 to 0.6.0
+ * Build(deps): Bump github.com/containernetworking/plugins
+ * Build(deps): Bump golang.org/x/sys from 0.31.0 to 0.32.0
+ * Build(deps): Bump golang.org/x/net from 0.36.0 to 0.38.0
+ * Parameter for ISA of binaries
+ * Build(deps): Bump golang.org/x/net from 0.33.0 to 0.36.0
+ * v2.3.4+dev
+
+-------------------------------------------------------------------
Old:
----
rootlesskit-2.3.4.tar.gz
New:
----
rootlesskit-2.3.5.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ rootlesskit.spec ++++++
--- /var/tmp/diff_new_pack.uBtBYm/_old 2025-05-20 09:31:20.192317738 +0200
+++ /var/tmp/diff_new_pack.uBtBYm/_new 2025-05-20 09:31:20.192317738 +0200
@@ -17,7 +17,7 @@
Name: rootlesskit
-Version: 2.3.4
+Version: 2.3.5
Release: 0
Summary: Linux-native fakeroot using user namespaces
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.uBtBYm/_old 2025-05-20 09:31:20.224319055 +0200
+++ /var/tmp/diff_new_pack.uBtBYm/_new 2025-05-20 09:31:20.228319220 +0200
@@ -4,7 +4,7 @@
<param
name="url">https://github.com/rootless-containers/rootlesskit.git</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v2.3.4</param>
+ <param name="revision">v2.3.5</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.uBtBYm/_old 2025-05-20 09:31:20.248320043 +0200
+++ /var/tmp/diff_new_pack.uBtBYm/_new 2025-05-20 09:31:20.252320207 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/rootless-containers/rootlesskit.git</param>
- <param
name="changesrevision">59a459df858d39ad5f4eafa305545907bf0c48ab</param></service></servicedata>
+ <param
name="changesrevision">0cc0811acc6e4daee71817383e62fb811590bc13</param></service></servicedata>
(No newline at EOF)
++++++ rootlesskit-2.3.4.tar.gz -> rootlesskit-2.3.5.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/.github/dependabot.yml
new/rootlesskit-2.3.5/.github/dependabot.yml
--- old/rootlesskit-2.3.4/.github/dependabot.yml 2025-03-10
02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/.github/dependabot.yml 1970-01-01
01:00:00.000000000 +0100
@@ -1,16 +0,0 @@
-version: 2
-updates:
-- package-ecosystem: gomod
- directory: "/"
- schedule:
- interval: daily
- open-pull-requests-limit: 10
- reviewers:
- - AkihiroSuda
-- package-ecosystem: github-actions
- directory: "/"
- schedule:
- interval: daily
- open-pull-requests-limit: 10
- reviewers:
- - AkihiroSuda
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/.github/workflows/main.yaml
new/rootlesskit-2.3.5/.github/workflows/main.yaml
--- old/rootlesskit-2.3.4/.github/workflows/main.yaml 2025-03-10
02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/.github/workflows/main.yaml 1970-01-01
01:00:00.000000000 +0100
@@ -1,242 +0,0 @@
-name: Main
-on: [push, pull_request]
-jobs:
- test-unit:
- name: "Unit test"
- runs-on: ubuntu-24.04
- steps:
- - name: "Check out"
- uses: actions/checkout@v4
- - name: "Build unit test image"
- run: DOCKER_BUILDKIT=1 docker build -t rootlesskit:test-unit --target
test-unit .
- - name: "Unit test"
- run: docker run --rm --privileged rootlesskit:test-unit
- test-cross:
- name: "Cross compilation test"
- runs-on: ubuntu-24.04
- steps:
- - uses: actions/checkout@v4
- - name: "Build binaries"
- run: DOCKER_BUILDKIT=1 docker build -o /tmp/artifact --target
cross-artifact .
- test-integration:
- name: "Integration test"
- runs-on: ubuntu-24.04
- steps:
- - name: "Set up AppArmor"
- run: |
- cat <<EOT | sudo tee "/etc/apparmor.d/home.user.bin.rootlesskit"
- abi <abi/4.0>,
- include <tunables/global>
-
- /home/user/bin/rootlesskit flags=(unconfined) {
- userns,
- }
- EOT
- sudo systemctl restart apparmor.service
- - name: "Check out"
- uses: actions/checkout@v4
- - name: "Build integration test image"
- run: DOCKER_BUILDKIT=1 docker build -t rootlesskit:test-integration
--target test-integration .
- - name: "Integration test: exit-code"
- run: docker run --rm --privileged rootlesskit:test-integration
./integration-exit-code.sh
- - name: "Integration test: propagation"
- run: docker run --rm --privileged rootlesskit:test-integration
./integration-propagation.sh
- - name: "Integration test: propagation (with `mount --make-rshared /`)"
- run: docker run --rm --privileged rootlesskit:test-integration sh -exc
"sudo mount --make-rshared / && ./integration-propagation.sh"
- - name: "Integration test: restart"
- run: docker run --rm --privileged rootlesskit:test-integration
./integration-restart.sh
- - name: "Integration test: port"
- # NOTE: "--net=host" is a bad hack to enable IPv6
- run: docker run --rm --net=host --privileged
rootlesskit:test-integration ./integration-port.sh
- - name: "Integration test: IPv6 routing"
- run: docker run --rm --privileged --sysctl
net.ipv6.conf.all.disable_ipv6=0 rootlesskit:test-integration
./integration-ipv6.sh
- - name: "Integration test: systemd socket activation"
- run: docker run --rm --net=none --privileged
rootlesskit:test-integration ./integration-systemd-socket.sh
- - name: "Integration test: Network (network driver=slirp4netns)"
- run: |
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh slirp4netns
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh slirp4netns --detach-netns
- - name: "Integration test: Network (network driver=vpnkit)"
- run: |
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh vpnkit
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh vpnkit --detach-netns
- - name: "Integration test: Network (network driver=lxc-user-nic)"
- run: |
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh lxc-user-nic
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh lxc-user-nic --detach-netns
- - name: "Integration test: Network (network driver=pasta)"
- run: |
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh pasta
- docker run --rm --privileged rootlesskit:test-integration
./integration-net.sh pasta --detach-netns
-# ===== Benchmark: Network (MTU=1500) =====
- - name: "Benchmark: Network (MTU=1500, network driver=slirp4netns)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh slirp4netns
1500
- - name: "Benchmark: Network (MTU=1500, network driver=slirp4netns with
sandbox and seccomp)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh slirp4netns
1500 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto
- - name: "Benchmark: Network (MTU=1500, network driver=slirp4netns with
sandbox and seccomp) with detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh slirp4netns
1500 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto --detach-netns
-# NOTE: MTU greater than 16424 is known not to work for VPNKit.
-# Also, MTU greather than 4K might not be effective for VPNKit:
https://twitter.com/mugofsoup/status/1017665057738641408
- - name: "Benchmark: Network (MTU=1500, network driver=vpnkit)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh vpnkit 1500
- - name: "Benchmark: Network (MTU=1500, network driver=vpnkit) with
detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh vpnkit 1500
--detach-netns
- - name: "Benchmark: Network (MTU=1500, network driver=pasta)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh pasta 1500
- - name: "Benchmark: Network (MTU=1500, network driver=pasta) with
detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh pasta 1500
--detach-netns
- - name: "Benchmark: Network (MTU=1500, network driver=lxc-user-nic)"
- run: |
- docker run --rm --privileged \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh lxc-user-nic
1500
- - name: "Benchmark: Network (MTU=1500, network driver=lxc-user-nic) with
detach-netns"
- run: |
- docker run --rm --privileged \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh lxc-user-nic
1500 --detach-netns
- - name: "Benchmark: Network (MTU=1500, rootful veth for comparison)"
- run: |
- docker run --rm --privileged \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh rootful_veth
1500
-# ===== Benchmark: Network (MTU=65520) =====
- - name: "Benchmark: Network (MTU=65520, network driver=slirp4netns)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh slirp4netns
65520
- - name: "Benchmark: Network (MTU=65520, network driver=slirp4netns with
sandbox and seccomp)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh slirp4netns
65520 --slirp4netns-sandbox=auto --slirp4netns-seccomp=auto
- - name: "Benchmark: Network (MTU=65520, network driver=pasta)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh pasta 65520
- - name: "Benchmark: Network (MTU=65520, network driver=lxc-user-nic)"
- run: |
- docker run --rm --privileged \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh lxc-user-nic
65520
- - name: "Benchmark: Network (MTU=65520, rootful veth for comparison)"
- run: |
- docker run --rm --privileged \
- rootlesskit:test-integration ./benchmark-iperf3-net.sh rootful_veth
65520
-# ===== Benchmark: TCP Ports =====
- - name: "Benchmark: TCP Ports (network driver=slirp4netns, port
driver=slirp4netns)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port.sh slirp4netns
- - name: "Benchmark: TCP Ports (network driver=slirp4netns, port
driver=slirp4netns) with detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port.sh slirp4netns
--detach-netns
- - name: "Benchmark: TCP Ports (network driver=slirp4netns, port
driver=builtin)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port.sh builtin
- - name: "Benchmark: TCP Ports (network driver=slirp4netns, port
driver=builtin) with detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port.sh builtin
--detach-netns
- - name: "Benchmark: TCP Ports (network driver=pasta, port driver=implicit)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port.sh implicit
--net=pasta
- - name: "Benchmark: TCP Ports (network driver=pasta, port driver=implicit)
with detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port.sh implicit
--net=pasta --detach-netns
-# ===== Benchmark: UDP Ports =====
- - name: "Benchmark: UDP Ports (port driver=slirp4netns)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port-udp.sh
slirp4netns
- - name: "Benchmark: UDP Ports (port driver=slirp4netns) with detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port-udp.sh
slirp4netns --detach-netns
- - name: "Benchmark: UDP Ports (network driver=pasta, port driver=implicit)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port-udp.sh implicit
--net=pasta
- - name: "Benchmark: UDP Ports (network driver=pasta, port driver=implicit)
with detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port-udp.sh implicit
--net=pasta --detach-netns
- - name: "Benchmark: UDP Ports (port driver=builtin)"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port-udp.sh builtin
- - name: "Benchmark: UDP Ports (port driver=builtin) with detach-netns"
- run: |
- docker run --rm --security-opt seccomp=unconfined --security-opt
apparmor=unconfined --device /dev/net/tun \
- rootlesskit:test-integration ./benchmark-iperf3-port-udp.sh builtin
--detach-netns
-
- test-integration-docker:
- name: "Integration test (Docker)"
- runs-on: ubuntu-24.04
- strategy:
- fail-fast: false
- matrix:
- # The design of the proxy was changed in Docker v28.
- # rootlesskit-docker-proxy is no longer used since Docker v28.
- docker_version: [27.5.1, 28.0.1]
- steps:
- - name: "Set up AppArmor"
- run: |
- cat <<EOT | sudo tee "/etc/apparmor.d/home.user.bin.rootlesskit"
- abi <abi/4.0>,
- include <tunables/global>
-
- /home/user/bin/rootlesskit flags=(unconfined) {
- userns,
- }
- EOT
- sudo systemctl restart apparmor.service
- - name: "Check out"
- uses: actions/checkout@v4
- - name: "Build integration test image"
- run: DOCKER_BUILDKIT=1 docker build -t
rootlesskit:test-integration-docker --target test-integration-docker
--build-arg DOCKER_VERSION .
- env:
- DOCKER_VERSION: ${{ matrix.docker_version }}
- - name: "Create a custom network to avoid IP confusion"
- run: docker network create custom
- - name: "Docker Integration test: net=slirp4netns, port-driver=builtin"
- run: |
- docker run -d --name test --network custom --privileged -e
DOCKERD_ROOTLESS_ROOTLESSKIT_NET=slirp4netns -e
DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=builtin
rootlesskit:test-integration-docker
- sleep 2
- docker exec test docker info
- docker exec test ./integration-docker.sh
- docker rm -f test
- - name: "Docker Integration test: net=slirp4netns, port-driver=slirp4netns"
- run: |
- docker run -d --name test --network custom --privileged -e
DOCKERD_ROOTLESS_ROOTLESSKIT_NET=slirp4netns -e
DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=slirp4netns
rootlesskit:test-integration-docker
- sleep 2
- docker exec test docker info
- docker exec test ./integration-docker.sh
- docker rm -f test
- - name: "Docker Integration test: net=vpnkit, port-driver=builtin"
- run: |
- docker run -d --name test --network custom --privileged -e
DOCKERD_ROOTLESS_ROOTLESSKIT_NET=vpnkit -e
DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=builtin
rootlesskit:test-integration-docker
- sleep 2
- docker exec test docker info
- docker exec test ./integration-docker.sh
- docker rm -f test
- - name: "Docker Integration test: net=pasta, port-driver=implicit"
- run: |
- docker run -d --name test --network custom --privileged -e
DOCKERD_ROOTLESS_ROOTLESSKIT_NET=pasta -e
DOCKERD_ROOTLESS_ROOTLESSKIT_PORT_DRIVER=implicit
rootlesskit:test-integration-docker
- sleep 2
- docker exec test docker info
- docker exec test ./integration-docker.sh
- docker rm -f test
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/.github/workflows/release.yaml
new/rootlesskit-2.3.5/.github/workflows/release.yaml
--- old/rootlesskit-2.3.4/.github/workflows/release.yaml 2025-03-10
02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/.github/workflows/release.yaml 1970-01-01
01:00:00.000000000 +0100
@@ -1,64 +0,0 @@
-# Release guide (since v0.9.0):
-# 1. Bump up the version string to `vX.Y.Z` (or `vX.Y.Z-beta.W`) in
`pkg/version/version.go`.
-# 2. `git commit -a -s -m vX.Y.Z`
-# 3. Bump up the version string to `vX.Y.Z+dev` (or `vX.Y.Z-beta.W`+dev) in
`pkg/version/version.go`.
-# 4. `git commit -a -s -m vX.Y.Z+dev`
-# 5. Open a PR and merge it.
-# 6. Create a tag `v.X.Y.Z` for the `vX.Y.Z` commit, and push the tag to the
upstream: `git push upstream vX.Y.Z`
-# 7. GitHub Actions automatically ships a draft release with a statically
compiled binary: https://github.com/rootless-containers/rootlesskit/releases
-# If it fails, check the GitHub Actions log:
https://github.com/rootless-containers/rootlesskit/actions?query=workflow%3ARelease
-# 8. Add release notes to the draft release and ship the release.
-name: Release
-on:
- push:
- tags:
- - 'v*'
-
-jobs:
- release:
- runs-on: ubuntu-24.04
- # The maximum access is "read" for PRs from public forked repos
- #
https://docs.github.com/en/actions/security-guides/automatic-token-authentication#permissions-for-the-github_token
- permissions:
- contents: write # for releases
- id-token: write # for provenances
- attestations: write # for provenances
- steps:
- - uses: actions/checkout@v4
- - name: "Build binaries"
- run: DOCKER_BUILDKIT=1 docker build -o /tmp/artifact --target
cross-artifact .
- - name: "SHA256SUMS"
- run: (cd /tmp/artifact; sha256sum *) | tee /tmp/SHA256SUMS
- - name: "The sha256sum of the SHA256SUMS file"
- run: sha256sum /tmp/SHA256SUMS
- - name: "Prepare the release note"
- run: |
- shasha=$(sha256sum /tmp/SHA256SUMS | awk '{print $1}')
- cat << EOF | tee /tmp/release-note.txt
- #### Changes
- (To be documented)
-
- #### Install
- \`\`\`
- mkdir -p ~/bin
- curl -sSL https://github.com/${{ github.repository
}}/releases/download/${tag}/rootlesskit-\$(uname -m).tar.gz | tar Cxzv ~/bin
- \`\`\`
-
- #### About the binaries
- The binaries were built automatically on GitHub Actions.
- See the log to verify SHA256SUMS.
- https://github.com/${{ github.repository }}/actions/runs/${{
github.run_id }}
- The sha256sum of the SHA256SUMS file itself is ${shasha} .
- EOF
- - uses: actions/attest-build-provenance@v2
- if: github.event_name == 'push' && startsWith(github.ref, 'refs/tags/v')
- with:
- subject-path: |
- /tmp/artifact/*
- /tmp/SHA256SUMS
- - name: "Create release"
- env:
- GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- run: |
- tag="${GITHUB_REF##*/}"
- gh release create -F /tmp/release-note.txt --draft --title "${tag}"
"${tag}" /tmp/artifact/* /tmp/SHA256SUMS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/.gitignore
new/rootlesskit-2.3.5/.gitignore
--- old/rootlesskit-2.3.4/.gitignore 2025-03-10 02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/.gitignore 1970-01-01 01:00:00.000000000 +0100
@@ -1,2 +0,0 @@
-bin/
-_artifact/
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/Dockerfile
new/rootlesskit-2.3.5/Dockerfile
--- old/rootlesskit-2.3.4/Dockerfile 2025-03-10 02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/Dockerfile 2025-05-08 07:12:43.000000000 +0200
@@ -1,10 +1,10 @@
ARG GO_VERSION=1.24
ARG UBUNTU_VERSION=24.04
-ARG SHADOW_VERSION=4.16.0
+ARG SHADOW_VERSION=4.17.4
ARG SLIRP4NETNS_VERSION=v1.3.2
-ARG VPNKIT_VERSION=0.5.0
-ARG PASST_VERSION=2025_02_17.a1e48a0
-ARG DOCKER_VERSION=28.0.1
+ARG VPNKIT_VERSION=0.6.0
+ARG PASST_VERSION=2025_04_15.2340bbf
+ARG DOCKER_VERSION=28.1.1
ARG DOCKER_CHANNEL=stable
FROM golang:${GO_VERSION}-alpine AS build
@@ -44,7 +44,7 @@
make && \
cp src/newuidmap src/newgidmap /usr/bin
-FROM djs55/vpnkit:${VPNKIT_VERSION} AS vpnkit
+FROM moby/vpnkit-bin:${VPNKIT_VERSION} AS vpnkit
FROM ubuntu:${UBUNTU_VERSION} AS passt
ENV DEBIAN_FRONTEND=noninteractive
@@ -77,7 +77,7 @@
COPY --from=artifact /rootlesskit /home/user/bin/
COPY --from=artifact /rootlessctl /home/user/bin/
ARG SLIRP4NETNS_VERSION
-RUN curl -sSL -o /home/user/bin/slirp4netns
https://github.com/rootless-containers/slirp4netns/releases/download/${SLIRP4NETNS_VERSION}/slirp4netns-x86_64
&& \
+RUN curl -sSL -o /home/user/bin/slirp4netns
https://github.com/rootless-containers/slirp4netns/releases/download/${SLIRP4NETNS_VERSION}/slirp4netns-$(uname
-m) && \
chmod +x /home/user/bin/slirp4netns
COPY --from=vpnkit /vpnkit /home/user/bin/vpnkit
COPY --from=passt /usr/local /usr/local
@@ -94,7 +94,7 @@
FROM test-integration AS test-integration-docker
ARG DOCKER_VERSION
ARG DOCKER_CHANNEL
-RUN curl -fsSL
https://download.docker.com/linux/static/${DOCKER_CHANNEL}/x86_64/docker-${DOCKER_VERSION}.tgz
| tar xz --strip-components=1 -C /home/user/bin/
+RUN curl -fsSL
https://download.docker.com/linux/static/${DOCKER_CHANNEL}/$(uname
-m)/docker-${DOCKER_VERSION}.tgz | tar xz --strip-components=1 -C
/home/user/bin/
RUN curl -fsSL -o /home/user/bin/dockerd-rootless.sh
https://raw.githubusercontent.com/moby/moby/v${DOCKER_VERSION}/contrib/dockerd-rootless.sh
&& \
chmod +x /home/user/bin/dockerd-rootless.sh
# rootlesskit-docker-proxy is no longer needed since Docker v28
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/go.mod new/rootlesskit-2.3.5/go.mod
--- old/rootlesskit-2.3.4/go.mod 2025-03-10 02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/go.mod 2025-05-08 07:12:43.000000000 +0200
@@ -4,26 +4,26 @@
require (
github.com/Masterminds/semver/v3 v3.3.1
- github.com/containernetworking/plugins v1.6.2
+ github.com/containernetworking/plugins v1.7.1
github.com/gofrs/flock v0.12.1
github.com/google/uuid v1.6.0
github.com/gorilla/mux v1.8.1
github.com/insomniacslk/dhcp v0.0.0-20250109001534-8abf58130905
github.com/moby/sys/mountinfo v0.7.2
- github.com/moby/vpnkit v0.5.0
+ github.com/moby/vpnkit v0.6.0
github.com/sirupsen/logrus v1.9.3
github.com/songgao/water v0.0.0-20200317203138-2b4b6d7c09d8
github.com/urfave/cli/v2 v2.27.6
- golang.org/x/sys v0.31.0
+ golang.org/x/sys v0.32.0
gotest.tools/v3 v3.5.2
)
require (
github.com/cpuguy83/go-md2man/v2 v2.0.5 // indirect
- github.com/google/go-cmp v0.6.0 // indirect
+ github.com/google/go-cmp v0.7.0 // indirect
github.com/pierrec/lz4/v4 v4.1.21 // indirect
github.com/russross/blackfriday/v2 v2.1.0 // indirect
github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701 // indirect
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect
- golang.org/x/net v0.33.0 // indirect
+ golang.org/x/net v0.38.0 // indirect
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/go.sum new/rootlesskit-2.3.5/go.sum
--- old/rootlesskit-2.3.4/go.sum 2025-03-10 02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/go.sum 2025-05-08 07:12:43.000000000 +0200
@@ -1,9 +1,9 @@
github.com/Masterminds/semver/v3 v3.3.1
h1:QtNSWtVZ3nBfk8mAOu/B6v7FMJ+NHTIgUPi7rj+4nv4=
github.com/Masterminds/semver/v3 v3.3.1/go.mod
h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM=
-github.com/containernetworking/cni v1.2.3
h1:hhOcjNVUQTnzdRJ6alC5XF+wd9mfGIUaj8FuJbEslXM=
-github.com/containernetworking/cni v1.2.3/go.mod
h1:DuLgF+aPd3DzcTQTtp/Nvl1Kim23oFKdm2okJzBQA5M=
-github.com/containernetworking/plugins v1.6.2
h1:pqP8Mq923TLyef5g97XfJ/xpDeVek4yF8A4mzy9Tc4U=
-github.com/containernetworking/plugins v1.6.2/go.mod
h1:SP5UG3jDO9LtmfbBJdP+nl3A1atOtbj2MBOYsnaxy64=
+github.com/containernetworking/cni v1.3.0
h1:v6EpN8RznAZj9765HhXQrtXgX+ECGebEYEmnuFjskwo=
+github.com/containernetworking/cni v1.3.0/go.mod
h1:Bs8glZjjFfGPHMw6hQu82RUgEPNGEaBb9KS5KtNMnJ4=
+github.com/containernetworking/plugins v1.7.1
h1:CNAR0jviDj6FS5Vg85NTgKWLDzZPfi/lj+VJfhMDTIs=
+github.com/containernetworking/plugins v1.7.1/go.mod
h1:xuMdjuio+a1oVQsHKjr/mgzuZ24leAsqUYRnzGoXHy0=
github.com/cpuguy83/go-md2man/v2 v2.0.5
h1:ZtcqGrnekaHpVLArFSe4HK5DoKx1T0rq2DwVB0alcyc=
github.com/cpuguy83/go-md2man/v2 v2.0.5/go.mod
h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
github.com/davecgh/go-spew v1.1.0/go.mod
h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
@@ -15,10 +15,10 @@
github.com/go-task/slim-sprig/v3 v3.0.0/go.mod
h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8=
github.com/gofrs/flock v0.12.1 h1:MTLVXXHf8ekldpJk3AKicLij9MdwOWkZ+a/jHHZby9E=
github.com/gofrs/flock v0.12.1/go.mod
h1:9zxTsyu5xtJ9DK+1tFZyibEV7y3uwDxPPfbxeeHCoD0=
-github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
-github.com/google/go-cmp v0.6.0/go.mod
h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db
h1:097atOisP2aRj7vFgYQBbFN4U4JNXUNYpxael3UzMyo=
-github.com/google/pprof v0.0.0-20241029153458-d1b30febd7db/go.mod
h1:vavhavw2zAxS5dIdcRluK6cSGGPlZynqzFM8NdvU144=
+github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
+github.com/google/go-cmp v0.7.0/go.mod
h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
+github.com/google/pprof v0.0.0-20250403155104-27863c87afa6
h1:BHT72Gu3keYf3ZEu2J0b1vyeLSOYI8bm5wbJM/8yDe8=
+github.com/google/pprof v0.0.0-20250403155104-27863c87afa6/go.mod
h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
github.com/google/uuid v1.6.0/go.mod
h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
github.com/gorilla/mux v1.8.1 h1:TuBL49tXwgrFYWhqrNgrUNEY92u81SPhu7sTdzQEiWY=
@@ -27,12 +27,12 @@
github.com/insomniacslk/dhcp v0.0.0-20250109001534-8abf58130905/go.mod
h1:VvGYjkZoJyKqlmT1yzakUs4mfKMNB0XdODP0+rdml6k=
github.com/moby/sys/mountinfo v0.7.2
h1:1shs6aH5s4o5H2zQLn796ADW1wMrIwHsyJ2v9KouLrg=
github.com/moby/sys/mountinfo v0.7.2/go.mod
h1:1YOa8w8Ih7uW0wALDUgT1dTTSBrZ+HiBLGws92L2RU4=
-github.com/moby/vpnkit v0.5.0 h1:VcDpS9y+PmT9itf+mH5Qdh9GME7ungLMt9yjf9o4REY=
-github.com/moby/vpnkit v0.5.0/go.mod
h1:KyjUrL9cb6ZSNNAUwZfqRjhwwgJ3BJN+kXh0t43WTUQ=
-github.com/onsi/ginkgo/v2 v2.22.0
h1:Yed107/8DjTr0lKCNt7Dn8yQ6ybuDRQoMGrNFKzMfHg=
-github.com/onsi/ginkgo/v2 v2.22.0/go.mod
h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo=
-github.com/onsi/gomega v1.36.0 h1:Pb12RlruUtj4XUuPUqeEWc6j5DkVVVA49Uf6YLfC95Y=
-github.com/onsi/gomega v1.36.0/go.mod
h1:PvZbdDc8J6XJEpDK4HCuRBm8a6Fzp9/DmhC9C7yFlog=
+github.com/moby/vpnkit v0.6.0 h1:HEh3iQ57oigvPNbR89R14pw3difgPyFOMMD3JAoqPoY=
+github.com/moby/vpnkit v0.6.0/go.mod
h1:CNuEpfSK4ZY/NKFWD5M79GUZcYFydh81XQ2GZnT44cQ=
+github.com/onsi/ginkgo/v2 v2.23.4
h1:ktYTpKJAVZnDT4VjxSbiBenUjmlL/5QkBEocaWXiQus=
+github.com/onsi/ginkgo/v2 v2.23.4/go.mod
h1:Bt66ApGPBFzHyR+JO10Zbt0Gsp4uWxu5mIOTusL46e8=
+github.com/onsi/gomega v1.37.0 h1:CdEG8g0S133B4OswTDC/5XPSzE1OeP29QOioj2PID2Y=
+github.com/onsi/gomega v1.37.0/go.mod
h1:8D9+Txp43QWKhM24yyOBEdpkzN8FvJyAwecBgsU4KU0=
github.com/pierrec/lz4/v4 v4.1.21
h1:yOVMLb6qSIDP67pl/5F7RepeKYu/VmTyEXvuMI5d9mQ=
github.com/pierrec/lz4/v4 v4.1.21/go.mod
h1:gZWDp/Ze/IJXGXf23ltt2EXimqmTUXEy0GFuRQyBid4=
github.com/pmezard/go-difflib v1.0.0
h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
@@ -51,19 +51,21 @@
github.com/u-root/uio v0.0.0-20240224005618-d2acac8f3701/go.mod
h1:P3a5rG4X7tI17Nn3aOIAYr5HbIMukwXG0urG0WuL8OA=
github.com/urfave/cli/v2 v2.27.6
h1:VdRdS98FNhKZ8/Az8B7MTyGQmpIr36O1EHybx/LaZ4g=
github.com/urfave/cli/v2 v2.27.6/go.mod
h1:3Sevf16NykTbInEnD0yKkjDAeZDS0A6bzhBH5hrMvTQ=
-github.com/vishvananda/netns v0.0.4
h1:Oeaw1EM2JMxD51g9uhtC0D7erkIjgmj8+JZc26m1YX8=
-github.com/vishvananda/netns v0.0.4/go.mod
h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
+github.com/vishvananda/netns v0.0.5
h1:DfiHV+j8bA32MFM7bfEunvT8IAqQ/NzSJHtcmW5zdEY=
+github.com/vishvananda/netns v0.0.5/go.mod
h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZlaprSwhNNJM=
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1
h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4=
github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod
h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM=
-golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
-golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
+go.uber.org/automaxprocs v1.6.0 h1:O3y2/QNTOdbF+e/dpXNNW7Rx2hZ4sTIPyybbxyNqTUs=
+go.uber.org/automaxprocs v1.6.0/go.mod
h1:ifeIMSnPZuznNm6jmdzmU3/bfk01Fe2fotchwEFJ8r8=
+golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8=
+golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8=
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod
h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik=
-golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
-golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
-golang.org/x/text v0.21.0/go.mod
h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/tools v0.26.0 h1:v/60pFQmzmT9ExmjDv2gGIfi3OqfKoEP6I5+umXlbnQ=
-golang.org/x/tools v0.26.0/go.mod
h1:TPVVj70c7JJ3WCazhD8OdXcZg/og+b9+tH/KxylGwH0=
+golang.org/x/sys v0.32.0 h1:s77OFDvIQeibCmezSnk/q6iAfkdiQaJi4VzroCFrN20=
+golang.org/x/sys v0.32.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY=
+golang.org/x/text v0.23.0/go.mod
h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4=
+golang.org/x/tools v0.31.0 h1:0EedkvKDbh+qistFTd0Bcwe/YLh4vHwWEkiI0toFIBU=
+golang.org/x/tools v0.31.0/go.mod
h1:naFTU+Cev749tSJRXJlna0T3WxKvb1kWEx15xA4SdmQ=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod
h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod
h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/rootlesskit-2.3.4/pkg/version/version.go
new/rootlesskit-2.3.5/pkg/version/version.go
--- old/rootlesskit-2.3.4/pkg/version/version.go 2025-03-10
02:52:05.000000000 +0100
+++ new/rootlesskit-2.3.5/pkg/version/version.go 2025-05-08
07:12:43.000000000 +0200
@@ -1,3 +1,3 @@
package version
-const Version = "2.3.4"
+const Version = "2.3.5"
++++++ vendor.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/github.com/google/go-cmp/cmp/internal/function/func.go
new/vendor/github.com/google/go-cmp/cmp/internal/function/func.go
--- old/vendor/github.com/google/go-cmp/cmp/internal/function/func.go
2025-03-13 06:20:57.000000000 +0100
+++ new/vendor/github.com/google/go-cmp/cmp/internal/function/func.go
2025-05-12 07:14:06.000000000 +0200
@@ -19,6 +19,7 @@
tbFunc // func(T) bool
ttbFunc // func(T, T) bool
+ ttiFunc // func(T, T) int
trbFunc // func(T, R) bool
tibFunc // func(T, I) bool
trFunc // func(T) R
@@ -28,11 +29,13 @@
Transformer = trFunc // func(T) R
ValueFilter = ttbFunc // func(T, T) bool
Less = ttbFunc // func(T, T) bool
+ Compare = ttiFunc // func(T, T) int
ValuePredicate = tbFunc // func(T) bool
KeyValuePredicate = trbFunc // func(T, R) bool
)
var boolType = reflect.TypeOf(true)
+var intType = reflect.TypeOf(0)
// IsType reports whether the reflect.Type is of the specified function type.
func IsType(t reflect.Type, ft funcType) bool {
@@ -49,6 +52,10 @@
if ni == 2 && no == 1 && t.In(0) == t.In(1) && t.Out(0) ==
boolType {
return true
}
+ case ttiFunc: // func(T, T) int
+ if ni == 2 && no == 1 && t.In(0) == t.In(1) && t.Out(0) ==
intType {
+ return true
+ }
case trbFunc: // func(T, R) bool
if ni == 2 && no == 1 && t.Out(0) == boolType {
return true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/github.com/google/go-cmp/cmp/options.go
new/vendor/github.com/google/go-cmp/cmp/options.go
--- old/vendor/github.com/google/go-cmp/cmp/options.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/github.com/google/go-cmp/cmp/options.go 2025-05-12
07:14:06.000000000 +0200
@@ -232,7 +232,15 @@
if t := s.curPath.Index(-2).Type(); t.Name() != "" {
// Named type with unexported fields.
name = fmt.Sprintf("%q.%v", t.PkgPath(), t.Name()) //
e.g., "path/to/package".MyType
- if _, ok := reflect.New(t).Interface().(error); ok {
+ isProtoMessage := func(t reflect.Type) bool {
+ m, ok :=
reflect.PointerTo(t).MethodByName("ProtoReflect")
+ return ok && m.Type.NumIn() == 1 &&
m.Type.NumOut() == 1 &&
+ m.Type.Out(0).PkgPath() ==
"google.golang.org/protobuf/reflect/protoreflect" &&
+ m.Type.Out(0).Name() == "Message"
+ }
+ if isProtoMessage(t) {
+ help = `consider using
"google.golang.org/protobuf/testing/protocmp".Transform to compare
proto.Message types`
+ } else if _, ok := reflect.New(t).Interface().(error);
ok {
help = "consider using cmpopts.EquateErrors to
compare error values"
} else if t.Comparable() {
help = "consider using cmpopts.EquateComparable
to compare comparable Go types"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/github.com/moby/vpnkit/go/pkg/vmnet/vmnet.go
new/vendor/github.com/moby/vpnkit/go/pkg/vmnet/vmnet.go
--- old/vendor/github.com/moby/vpnkit/go/pkg/vmnet/vmnet.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/github.com/moby/vpnkit/go/pkg/vmnet/vmnet.go 2025-05-12
07:14:06.000000000 +0200
@@ -576,15 +576,14 @@
if err != nil {
return nil, err
}
+
ethernet, err = ParseEthernetFrame(response)
if err != nil {
continue
}
- for i, x := range ethernet.Dst {
- if i > len(v.ClientMAC) || v.ClientMAC[i] != x {
- // intended for someone else
- continue
- }
+ if !hwaddrIsBroadcast(ethernet.Dst) &&
!hwaddrIsEqual(ethernet.Dst, v.ClientMAC) {
+ // intended for someone else
+ continue
}
ipv4, err = ParseIpv4(ethernet.Data)
if err != nil {
@@ -604,10 +603,14 @@
// truncated
continue
}
- if udpv4.Data[240] != 53 || udpv4.Data[241] != 1 ||
udpv4.Data[242] != 2 {
+ if udpv4.Data[0] != 2 {
// not a DHCP offer
continue
}
+ if udpv4.Data[4] != 1 || udpv4.Data[5] != 0 || udpv4.Data[6] !=
0 || udpv4.Data[7] != 0 {
+ // not our XID
+ continue
+ }
var ip net.IP
ip = udpv4.Data[16:20]
finished = true // will terminate sending goroutine
@@ -615,3 +618,21 @@
}
}
+
+func hwaddrIsBroadcast(mac net.HardwareAddr) bool {
+ for _, b := range mac {
+ if b != 0xff {
+ return false
+ }
+ }
+ return true
+}
+
+func hwaddrIsEqual(a, b net.HardwareAddr) bool {
+ for i, x := range a {
+ if i > len(b) || b[i] != x {
+ return false
+ }
+ }
+ return true
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/golang.org/x/sys/unix/syscall_darwin.go
new/vendor/golang.org/x/sys/unix/syscall_darwin.go
--- old/vendor/golang.org/x/sys/unix/syscall_darwin.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/unix/syscall_darwin.go 2025-05-12
07:14:06.000000000 +0200
@@ -602,7 +602,150 @@
return
}
-//sys connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags
uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error)
+// sys connectx(fd int, endpoints *SaEndpoints, associd SaeAssocID, flags
uint32, iov []Iovec, n *uintptr, connid *SaeConnID) (err error)
+const minIovec = 8
+
+func Readv(fd int, iovs [][]byte) (n int, err error) {
+ if !darwinKernelVersionMin(11, 0, 0) {
+ return 0, ENOSYS
+ }
+
+ iovecs := make([]Iovec, 0, minIovec)
+ iovecs = appendBytes(iovecs, iovs)
+ n, err = readv(fd, iovecs)
+ readvRacedetect(iovecs, n, err)
+ return n, err
+}
+
+func Preadv(fd int, iovs [][]byte, offset int64) (n int, err error) {
+ if !darwinKernelVersionMin(11, 0, 0) {
+ return 0, ENOSYS
+ }
+ iovecs := make([]Iovec, 0, minIovec)
+ iovecs = appendBytes(iovecs, iovs)
+ n, err = preadv(fd, iovecs, offset)
+ readvRacedetect(iovecs, n, err)
+ return n, err
+}
+
+func Writev(fd int, iovs [][]byte) (n int, err error) {
+ if !darwinKernelVersionMin(11, 0, 0) {
+ return 0, ENOSYS
+ }
+
+ iovecs := make([]Iovec, 0, minIovec)
+ iovecs = appendBytes(iovecs, iovs)
+ if raceenabled {
+ raceReleaseMerge(unsafe.Pointer(&ioSync))
+ }
+ n, err = writev(fd, iovecs)
+ writevRacedetect(iovecs, n)
+ return n, err
+}
+
+func Pwritev(fd int, iovs [][]byte, offset int64) (n int, err error) {
+ if !darwinKernelVersionMin(11, 0, 0) {
+ return 0, ENOSYS
+ }
+
+ iovecs := make([]Iovec, 0, minIovec)
+ iovecs = appendBytes(iovecs, iovs)
+ if raceenabled {
+ raceReleaseMerge(unsafe.Pointer(&ioSync))
+ }
+ n, err = pwritev(fd, iovecs, offset)
+ writevRacedetect(iovecs, n)
+ return n, err
+}
+
+func appendBytes(vecs []Iovec, bs [][]byte) []Iovec {
+ for _, b := range bs {
+ var v Iovec
+ v.SetLen(len(b))
+ if len(b) > 0 {
+ v.Base = &b[0]
+ } else {
+ v.Base = (*byte)(unsafe.Pointer(&_zero))
+ }
+ vecs = append(vecs, v)
+ }
+ return vecs
+}
+
+func writevRacedetect(iovecs []Iovec, n int) {
+ if !raceenabled {
+ return
+ }
+ for i := 0; n > 0 && i < len(iovecs); i++ {
+ m := int(iovecs[i].Len)
+ if m > n {
+ m = n
+ }
+ n -= m
+ if m > 0 {
+ raceReadRange(unsafe.Pointer(iovecs[i].Base), m)
+ }
+ }
+}
+
+func readvRacedetect(iovecs []Iovec, n int, err error) {
+ if !raceenabled {
+ return
+ }
+ for i := 0; n > 0 && i < len(iovecs); i++ {
+ m := int(iovecs[i].Len)
+ if m > n {
+ m = n
+ }
+ n -= m
+ if m > 0 {
+ raceWriteRange(unsafe.Pointer(iovecs[i].Base), m)
+ }
+ }
+ if err == nil {
+ raceAcquire(unsafe.Pointer(&ioSync))
+ }
+}
+
+func darwinMajorMinPatch() (maj, min, patch int, err error) {
+ var un Utsname
+ err = Uname(&un)
+ if err != nil {
+ return
+ }
+
+ var mmp [3]int
+ c := 0
+Loop:
+ for _, b := range un.Release[:] {
+ switch {
+ case b >= '0' && b <= '9':
+ mmp[c] = 10*mmp[c] + int(b-'0')
+ case b == '.':
+ c++
+ if c > 2 {
+ return 0, 0, 0, ENOTSUP
+ }
+ case b == 0:
+ break Loop
+ default:
+ return 0, 0, 0, ENOTSUP
+ }
+ }
+ if c != 2 {
+ return 0, 0, 0, ENOTSUP
+ }
+ return mmp[0], mmp[1], mmp[2], nil
+}
+
+func darwinKernelVersionMin(maj, min, patch int) bool {
+ actualMaj, actualMin, actualPatch, err := darwinMajorMinPatch()
+ if err != nil {
+ return false
+ }
+ return actualMaj > maj || actualMaj == maj && (actualMin > min ||
actualMin == min && actualPatch >= patch)
+}
+
//sys sendfile(infd int, outfd int, offset int64, len *int64, hdtr
unsafe.Pointer, flags int) (err error)
//sys shmat(id int, addr uintptr, flag int) (ret uintptr, err error)
@@ -705,3 +848,7 @@
//sys write(fd int, p []byte) (n int, err error)
//sys mmap(addr uintptr, length uintptr, prot int, flag int, fd int, pos
int64) (ret uintptr, err error)
//sys munmap(addr uintptr, length uintptr) (err error)
+//sys readv(fd int, iovecs []Iovec) (n int, err error)
+//sys preadv(fd int, iovecs []Iovec, offset int64) (n int, err error)
+//sys writev(fd int, iovecs []Iovec) (n int, err error)
+//sys pwritev(fd int, iovecs []Iovec, offset int64) (n int, err error)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/golang.org/x/sys/unix/syscall_linux.go
new/vendor/golang.org/x/sys/unix/syscall_linux.go
--- old/vendor/golang.org/x/sys/unix/syscall_linux.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/unix/syscall_linux.go 2025-05-12
07:14:06.000000000 +0200
@@ -13,6 +13,7 @@
import (
"encoding/binary"
+ "slices"
"strconv"
"syscall"
"time"
@@ -417,7 +418,7 @@
return nil, 0, EINVAL
}
sa.raw.Family = AF_UNIX
- for i := 0; i < n; i++ {
+ for i := range n {
sa.raw.Path[i] = int8(name[i])
}
// length is family (uint16), name, NUL.
@@ -507,7 +508,7 @@
psm := (*[2]byte)(unsafe.Pointer(&sa.raw.Psm))
psm[0] = byte(sa.PSM)
psm[1] = byte(sa.PSM >> 8)
- for i := 0; i < len(sa.Addr); i++ {
+ for i := range len(sa.Addr) {
sa.raw.Bdaddr[i] = sa.Addr[len(sa.Addr)-1-i]
}
cid := (*[2]byte)(unsafe.Pointer(&sa.raw.Cid))
@@ -589,11 +590,11 @@
sa.raw.Family = AF_CAN
sa.raw.Ifindex = int32(sa.Ifindex)
rx := (*[4]byte)(unsafe.Pointer(&sa.RxID))
- for i := 0; i < 4; i++ {
+ for i := range 4 {
sa.raw.Addr[i] = rx[i]
}
tx := (*[4]byte)(unsafe.Pointer(&sa.TxID))
- for i := 0; i < 4; i++ {
+ for i := range 4 {
sa.raw.Addr[i+4] = tx[i]
}
return unsafe.Pointer(&sa.raw), SizeofSockaddrCAN, nil
@@ -618,11 +619,11 @@
sa.raw.Family = AF_CAN
sa.raw.Ifindex = int32(sa.Ifindex)
n := (*[8]byte)(unsafe.Pointer(&sa.Name))
- for i := 0; i < 8; i++ {
+ for i := range 8 {
sa.raw.Addr[i] = n[i]
}
p := (*[4]byte)(unsafe.Pointer(&sa.PGN))
- for i := 0; i < 4; i++ {
+ for i := range 4 {
sa.raw.Addr[i+8] = p[i]
}
sa.raw.Addr[12] = sa.Addr
@@ -911,7 +912,7 @@
// These are EBCDIC encoded by the kernel, but we still need to pad them
// with blanks. Initializing with blanks allows the caller to feed in
either
// a padded or an unpadded string.
- for i := 0; i < 8; i++ {
+ for i := range 8 {
sa.raw.Nodeid[i] = ' '
sa.raw.User_id[i] = ' '
sa.raw.Name[i] = ' '
@@ -1148,7 +1149,7 @@
var user [8]byte
var name [8]byte
- for i := 0; i < 8; i++ {
+ for i := range 8 {
user[i] = byte(pp.User_id[i])
name[i] = byte(pp.Name[i])
}
@@ -1173,11 +1174,11 @@
Ifindex: int(pp.Ifindex),
}
name := (*[8]byte)(unsafe.Pointer(&sa.Name))
- for i := 0; i < 8; i++ {
+ for i := range 8 {
name[i] = pp.Addr[i]
}
pgn := (*[4]byte)(unsafe.Pointer(&sa.PGN))
- for i := 0; i < 4; i++ {
+ for i := range 4 {
pgn[i] = pp.Addr[i+8]
}
addr := (*[1]byte)(unsafe.Pointer(&sa.Addr))
@@ -1188,11 +1189,11 @@
Ifindex: int(pp.Ifindex),
}
rx := (*[4]byte)(unsafe.Pointer(&sa.RxID))
- for i := 0; i < 4; i++ {
+ for i := range 4 {
rx[i] = pp.Addr[i]
}
tx := (*[4]byte)(unsafe.Pointer(&sa.TxID))
- for i := 0; i < 4; i++ {
+ for i := range 4 {
tx[i] = pp.Addr[i+4]
}
return sa, nil
@@ -2216,10 +2217,7 @@
return
}
for i := 0; n > 0 && i < len(iovecs); i++ {
- m := int(iovecs[i].Len)
- if m > n {
- m = n
- }
+ m := min(int(iovecs[i].Len), n)
n -= m
if m > 0 {
raceWriteRange(unsafe.Pointer(iovecs[i].Base), m)
@@ -2270,10 +2268,7 @@
return
}
for i := 0; n > 0 && i < len(iovecs); i++ {
- m := int(iovecs[i].Len)
- if m > n {
- m = n
- }
+ m := min(int(iovecs[i].Len), n)
n -= m
if m > 0 {
raceReadRange(unsafe.Pointer(iovecs[i].Base), m)
@@ -2320,12 +2315,7 @@
return false
}
- for _, g := range groups {
- if g == gid {
- return true
- }
- }
- return false
+ return slices.Contains(groups, gid)
}
func isCapDacOverrideSet() bool {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
new/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go
--- old/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.go 2025-05-12
07:14:06.000000000 +0200
@@ -2512,6 +2512,90 @@
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func readv(fd int, iovecs []Iovec) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(libc_readv_trampoline_addr, uintptr(fd),
uintptr(_p0), uintptr(len(iovecs)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_readv_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_readv readv "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func preadv(fd int, iovecs []Iovec, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall6(libc_preadv_trampoline_addr, uintptr(fd),
uintptr(_p0), uintptr(len(iovecs)), uintptr(offset), 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_preadv_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_preadv preadv "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func writev(fd int, iovecs []Iovec) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(libc_writev_trampoline_addr, uintptr(fd),
uintptr(_p0), uintptr(len(iovecs)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_writev_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_writev writev "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pwritev(fd int, iovecs []Iovec, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall6(libc_pwritev_trampoline_addr,
uintptr(fd), uintptr(_p0), uintptr(len(iovecs)), uintptr(offset), 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_pwritev_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pwritev pwritev "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Fstat(fd int, stat *Stat_t) (err error) {
_, _, e1 := syscall_syscall(libc_fstat64_trampoline_addr, uintptr(fd),
uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
new/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s
--- old/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/unix/zsyscall_darwin_amd64.s 2025-05-12
07:14:06.000000000 +0200
@@ -738,6 +738,26 @@
GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8
DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
+TEXT libc_readv_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_readv(SB)
+GLOBL ·libc_readv_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readv_trampoline_addr(SB)/8, $libc_readv_trampoline<>(SB)
+
+TEXT libc_preadv_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_preadv(SB)
+GLOBL ·libc_preadv_trampoline_addr(SB), RODATA, $8
+DATA ·libc_preadv_trampoline_addr(SB)/8, $libc_preadv_trampoline<>(SB)
+
+TEXT libc_writev_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_writev(SB)
+GLOBL ·libc_writev_trampoline_addr(SB), RODATA, $8
+DATA ·libc_writev_trampoline_addr(SB)/8, $libc_writev_trampoline<>(SB)
+
+TEXT libc_pwritev_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_pwritev(SB)
+GLOBL ·libc_pwritev_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pwritev_trampoline_addr(SB)/8, $libc_pwritev_trampoline<>(SB)
+
TEXT libc_fstat64_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstat64(SB)
GLOBL ·libc_fstat64_trampoline_addr(SB), RODATA, $8
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
new/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go
--- old/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.go 2025-05-12
07:14:06.000000000 +0200
@@ -2512,6 +2512,90 @@
// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+func readv(fd int, iovecs []Iovec) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(libc_readv_trampoline_addr, uintptr(fd),
uintptr(_p0), uintptr(len(iovecs)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_readv_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_readv readv "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func preadv(fd int, iovecs []Iovec, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall6(libc_preadv_trampoline_addr, uintptr(fd),
uintptr(_p0), uintptr(len(iovecs)), uintptr(offset), 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_preadv_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_preadv preadv "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func writev(fd int, iovecs []Iovec) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall(libc_writev_trampoline_addr, uintptr(fd),
uintptr(_p0), uintptr(len(iovecs)))
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_writev_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_writev writev "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
+func pwritev(fd int, iovecs []Iovec, offset int64) (n int, err error) {
+ var _p0 unsafe.Pointer
+ if len(iovecs) > 0 {
+ _p0 = unsafe.Pointer(&iovecs[0])
+ } else {
+ _p0 = unsafe.Pointer(&_zero)
+ }
+ r0, _, e1 := syscall_syscall6(libc_pwritev_trampoline_addr,
uintptr(fd), uintptr(_p0), uintptr(len(iovecs)), uintptr(offset), 0, 0)
+ n = int(r0)
+ if e1 != 0 {
+ err = errnoErr(e1)
+ }
+ return
+}
+
+var libc_pwritev_trampoline_addr uintptr
+
+//go:cgo_import_dynamic libc_pwritev pwritev "/usr/lib/libSystem.B.dylib"
+
+// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT
+
func Fstat(fd int, stat *Stat_t) (err error) {
_, _, e1 := syscall_syscall(libc_fstat_trampoline_addr, uintptr(fd),
uintptr(unsafe.Pointer(stat)), 0)
if e1 != 0 {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
new/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s
--- old/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/unix/zsyscall_darwin_arm64.s 2025-05-12
07:14:06.000000000 +0200
@@ -738,6 +738,26 @@
GLOBL ·libc_munmap_trampoline_addr(SB), RODATA, $8
DATA ·libc_munmap_trampoline_addr(SB)/8, $libc_munmap_trampoline<>(SB)
+TEXT libc_readv_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_readv(SB)
+GLOBL ·libc_readv_trampoline_addr(SB), RODATA, $8
+DATA ·libc_readv_trampoline_addr(SB)/8, $libc_readv_trampoline<>(SB)
+
+TEXT libc_preadv_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_preadv(SB)
+GLOBL ·libc_preadv_trampoline_addr(SB), RODATA, $8
+DATA ·libc_preadv_trampoline_addr(SB)/8, $libc_preadv_trampoline<>(SB)
+
+TEXT libc_writev_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_writev(SB)
+GLOBL ·libc_writev_trampoline_addr(SB), RODATA, $8
+DATA ·libc_writev_trampoline_addr(SB)/8, $libc_writev_trampoline<>(SB)
+
+TEXT libc_pwritev_trampoline<>(SB),NOSPLIT,$0-0
+ JMP libc_pwritev(SB)
+GLOBL ·libc_pwritev_trampoline_addr(SB), RODATA, $8
+DATA ·libc_pwritev_trampoline_addr(SB)/8, $libc_pwritev_trampoline<>(SB)
+
TEXT libc_fstat_trampoline<>(SB),NOSPLIT,$0-0
JMP libc_fstat(SB)
GLOBL ·libc_fstat_trampoline_addr(SB), RODATA, $8
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/golang.org/x/sys/windows/registry/key.go
new/vendor/golang.org/x/sys/windows/registry/key.go
--- old/vendor/golang.org/x/sys/windows/registry/key.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/windows/registry/key.go 2025-05-12
07:14:06.000000000 +0200
@@ -164,7 +164,12 @@
func CreateKey(k Key, path string, access uint32) (newk Key, openedExisting
bool, err error) {
var h syscall.Handle
var d uint32
- err = regCreateKeyEx(syscall.Handle(k), syscall.StringToUTF16Ptr(path),
+ var pathPointer *uint16
+ pathPointer, err = syscall.UTF16PtrFromString(path)
+ if err != nil {
+ return 0, false, err
+ }
+ err = regCreateKeyEx(syscall.Handle(k), pathPointer,
0, nil, _REG_OPTION_NON_VOLATILE, access, nil, &h, &d)
if err != nil {
return 0, false, err
@@ -174,7 +179,11 @@
// DeleteKey deletes the subkey path of key k and its values.
func DeleteKey(k Key, path string) error {
- return regDeleteKey(syscall.Handle(k), syscall.StringToUTF16Ptr(path))
+ pathPointer, err := syscall.UTF16PtrFromString(path)
+ if err != nil {
+ return err
+ }
+ return regDeleteKey(syscall.Handle(k), pathPointer)
}
// A KeyInfo describes the statistics of a key. It is returned by Stat.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/golang.org/x/sys/windows/registry/value.go
new/vendor/golang.org/x/sys/windows/registry/value.go
--- old/vendor/golang.org/x/sys/windows/registry/value.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/windows/registry/value.go 2025-05-12
07:14:06.000000000 +0200
@@ -340,7 +340,11 @@
// DeleteValue removes a named value from the key k.
func (k Key) DeleteValue(name string) error {
- return regDeleteValue(syscall.Handle(k), syscall.StringToUTF16Ptr(name))
+ namePointer, err := syscall.UTF16PtrFromString(name)
+ if err != nil {
+ return err
+ }
+ return regDeleteValue(syscall.Handle(k), namePointer)
}
// ReadValueNames returns the value names of key k.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/golang.org/x/sys/windows/types_windows.go
new/vendor/golang.org/x/sys/windows/types_windows.go
--- old/vendor/golang.org/x/sys/windows/types_windows.go 2025-03-13
06:20:57.000000000 +0100
+++ new/vendor/golang.org/x/sys/windows/types_windows.go 2025-05-12
07:14:06.000000000 +0200
@@ -1074,6 +1074,7 @@
IP_ADD_MEMBERSHIP = 0xc
IP_DROP_MEMBERSHIP = 0xd
IP_PKTINFO = 0x13
+ IP_MTU_DISCOVER = 0x47
IPV6_V6ONLY = 0x1b
IPV6_UNICAST_HOPS = 0x4
@@ -1083,6 +1084,7 @@
IPV6_JOIN_GROUP = 0xc
IPV6_LEAVE_GROUP = 0xd
IPV6_PKTINFO = 0x13
+ IPV6_MTU_DISCOVER = 0x47
MSG_OOB = 0x1
MSG_PEEK = 0x2
@@ -1132,6 +1134,15 @@
WSASYS_STATUS_LEN = 128
)
+// enum PMTUD_STATE from ws2ipdef.h
+const (
+ IP_PMTUDISC_NOT_SET = 0
+ IP_PMTUDISC_DO = 1
+ IP_PMTUDISC_DONT = 2
+ IP_PMTUDISC_PROBE = 3
+ IP_PMTUDISC_MAX = 4
+)
+
type WSABuf struct {
Len uint32
Buf *byte
@@ -1146,6 +1157,22 @@
Flags uint32
}
+type WSACMSGHDR struct {
+ Len uintptr
+ Level int32
+ Type int32
+}
+
+type IN_PKTINFO struct {
+ Addr [4]byte
+ Ifindex uint32
+}
+
+type IN6_PKTINFO struct {
+ Addr [16]byte
+ Ifindex uint32
+}
+
// Flags for WSASocket
const (
WSA_FLAG_OVERLAPPED = 0x01
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/vendor/modules.txt new/vendor/modules.txt
--- old/vendor/modules.txt 2025-03-13 06:20:57.000000000 +0100
+++ new/vendor/modules.txt 2025-05-12 07:14:06.000000000 +0200
@@ -1,8 +1,8 @@
# github.com/Masterminds/semver/v3 v3.3.1
## explicit; go 1.21
github.com/Masterminds/semver/v3
-# github.com/containernetworking/plugins v1.6.2
-## explicit; go 1.23
+# github.com/containernetworking/plugins v1.7.1
+## explicit; go 1.23.0
github.com/containernetworking/plugins/pkg/ns
# github.com/cpuguy83/go-md2man/v2 v2.0.5
## explicit; go 1.11
@@ -10,8 +10,8 @@
# github.com/gofrs/flock v0.12.1
## explicit; go 1.21.0
github.com/gofrs/flock
-# github.com/google/go-cmp v0.6.0
-## explicit; go 1.13
+# github.com/google/go-cmp v0.7.0
+## explicit; go 1.21
github.com/google/go-cmp/cmp
github.com/google/go-cmp/cmp/internal/diff
github.com/google/go-cmp/cmp/internal/flags
@@ -33,8 +33,8 @@
# github.com/moby/sys/mountinfo v0.7.2
## explicit; go 1.17
github.com/moby/sys/mountinfo
-# github.com/moby/vpnkit v0.5.0
-## explicit
+# github.com/moby/vpnkit v0.6.0
+## explicit; go 1.19
github.com/moby/vpnkit/go/pkg/vmnet
# github.com/pierrec/lz4/v4 v4.1.21
## explicit; go 1.14
@@ -62,13 +62,13 @@
# github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1
## explicit; go 1.15
github.com/xrash/smetrics
-# golang.org/x/net v0.33.0
-## explicit; go 1.18
+# golang.org/x/net v0.38.0
+## explicit; go 1.23.0
golang.org/x/net/bpf
golang.org/x/net/internal/iana
golang.org/x/net/internal/socket
golang.org/x/net/ipv4
-# golang.org/x/sys v0.31.0
+# golang.org/x/sys v0.32.0
## explicit; go 1.23.0
golang.org/x/sys/unix
golang.org/x/sys/windows
