mirror of
https://github.com/containers/skopeo.git
synced 2025-07-11 13:44:15 +00:00
Bump gopkg.in/yaml.v2 from 2.2.2 to 2.2.7
Bumps [gopkg.in/yaml.v2](https://github.com/go-yaml/yaml) from 2.2.2 to 2.2.7. - [Release notes](https://github.com/go-yaml/yaml/releases) - [Commits](https://github.com/go-yaml/yaml/compare/v2.2.2...v2.2.7) Signed-off-by: dependabot-preview[bot] <support@dependabot.com> Signed-off-by: Daniel J Walsh <dwalsh@redhat.com>
This commit is contained in:
parent
9c402f3799
commit
21613f194f
2
go.mod
2
go.mod
@ -21,5 +21,5 @@ require (
|
|||||||
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2
|
github.com/syndtr/gocapability v0.0.0-20180916011248-d98352740cb2
|
||||||
github.com/urfave/cli v1.22.1
|
github.com/urfave/cli v1.22.1
|
||||||
go4.org v0.0.0-20190218023631-ce4c26f7be8e // indirect
|
go4.org v0.0.0-20190218023631-ce4c26f7be8e // indirect
|
||||||
gopkg.in/yaml.v2 v2.2.2
|
gopkg.in/yaml.v2 v2.2.7
|
||||||
)
|
)
|
||||||
|
2
go.sum
2
go.sum
@ -448,6 +448,8 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
|
|||||||
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
gopkg.in/yaml.v2 v2.2.2 h1:ZCJp+EgiOT7lHqUV2J862kp8Qj64Jo6az82+3Td9dZw=
|
||||||
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
|
gopkg.in/yaml.v2 v2.2.7 h1:VUgggvou5XRW9mHwD/yXxIYSMtY0zoKQf/v226p2nyo=
|
||||||
|
gopkg.in/yaml.v2 v2.2.7/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
|
||||||
gotest.tools v0.0.0-20190624233834-05ebafbffc79/go.mod h1:R//lfYlUuTOTfblYI3lGoAAAebUdzjvbmQsuB7Ykd90=
|
gotest.tools v0.0.0-20190624233834-05ebafbffc79/go.mod h1:R//lfYlUuTOTfblYI3lGoAAAebUdzjvbmQsuB7Ykd90=
|
||||||
gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
|
gotest.tools v2.2.0+incompatible h1:VsBPFP1AI068pPrMxtb/S8Zkgf9xEmTLJjfM+P5UIEo=
|
||||||
gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
|
gotest.tools v2.2.0+incompatible/go.mod h1:DsYFclhRJ6vuDpmuTbkuFWG+y2sxOXAzmJt81HFBacw=
|
||||||
|
18
vendor/gopkg.in/yaml.v2/.travis.yml
generated
vendored
18
vendor/gopkg.in/yaml.v2/.travis.yml
generated
vendored
@ -1,12 +1,16 @@
|
|||||||
language: go
|
language: go
|
||||||
|
|
||||||
go:
|
go:
|
||||||
- 1.4
|
- "1.4.x"
|
||||||
- 1.5
|
- "1.5.x"
|
||||||
- 1.6
|
- "1.6.x"
|
||||||
- 1.7
|
- "1.7.x"
|
||||||
- 1.8
|
- "1.8.x"
|
||||||
- 1.9
|
- "1.9.x"
|
||||||
- tip
|
- "1.10.x"
|
||||||
|
- "1.11.x"
|
||||||
|
- "1.12.x"
|
||||||
|
- "1.13.x"
|
||||||
|
- "tip"
|
||||||
|
|
||||||
go_import_path: gopkg.in/yaml.v2
|
go_import_path: gopkg.in/yaml.v2
|
||||||
|
48
vendor/gopkg.in/yaml.v2/decode.go
generated
vendored
48
vendor/gopkg.in/yaml.v2/decode.go
generated
vendored
@ -229,6 +229,10 @@ type decoder struct {
|
|||||||
mapType reflect.Type
|
mapType reflect.Type
|
||||||
terrors []string
|
terrors []string
|
||||||
strict bool
|
strict bool
|
||||||
|
|
||||||
|
decodeCount int
|
||||||
|
aliasCount int
|
||||||
|
aliasDepth int
|
||||||
}
|
}
|
||||||
|
|
||||||
var (
|
var (
|
||||||
@ -314,7 +318,43 @@ func (d *decoder) prepare(n *node, out reflect.Value) (newout reflect.Value, unm
|
|||||||
return out, false, false
|
return out, false, false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const (
|
||||||
|
// 400,000 decode operations is ~500kb of dense object declarations, or
|
||||||
|
// ~5kb of dense object declarations with 10000% alias expansion
|
||||||
|
alias_ratio_range_low = 400000
|
||||||
|
|
||||||
|
// 4,000,000 decode operations is ~5MB of dense object declarations, or
|
||||||
|
// ~4.5MB of dense object declarations with 10% alias expansion
|
||||||
|
alias_ratio_range_high = 4000000
|
||||||
|
|
||||||
|
// alias_ratio_range is the range over which we scale allowed alias ratios
|
||||||
|
alias_ratio_range = float64(alias_ratio_range_high - alias_ratio_range_low)
|
||||||
|
)
|
||||||
|
|
||||||
|
func allowedAliasRatio(decodeCount int) float64 {
|
||||||
|
switch {
|
||||||
|
case decodeCount <= alias_ratio_range_low:
|
||||||
|
// allow 99% to come from alias expansion for small-to-medium documents
|
||||||
|
return 0.99
|
||||||
|
case decodeCount >= alias_ratio_range_high:
|
||||||
|
// allow 10% to come from alias expansion for very large documents
|
||||||
|
return 0.10
|
||||||
|
default:
|
||||||
|
// scale smoothly from 99% down to 10% over the range.
|
||||||
|
// this maps to 396,000 - 400,000 allowed alias-driven decodes over the range.
|
||||||
|
// 400,000 decode operations is ~100MB of allocations in worst-case scenarios (single-item maps).
|
||||||
|
return 0.99 - 0.89*(float64(decodeCount-alias_ratio_range_low)/alias_ratio_range)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
func (d *decoder) unmarshal(n *node, out reflect.Value) (good bool) {
|
func (d *decoder) unmarshal(n *node, out reflect.Value) (good bool) {
|
||||||
|
d.decodeCount++
|
||||||
|
if d.aliasDepth > 0 {
|
||||||
|
d.aliasCount++
|
||||||
|
}
|
||||||
|
if d.aliasCount > 100 && d.decodeCount > 1000 && float64(d.aliasCount)/float64(d.decodeCount) > allowedAliasRatio(d.decodeCount) {
|
||||||
|
failf("document contains excessive aliasing")
|
||||||
|
}
|
||||||
switch n.kind {
|
switch n.kind {
|
||||||
case documentNode:
|
case documentNode:
|
||||||
return d.document(n, out)
|
return d.document(n, out)
|
||||||
@ -353,7 +393,9 @@ func (d *decoder) alias(n *node, out reflect.Value) (good bool) {
|
|||||||
failf("anchor '%s' value contains itself", n.value)
|
failf("anchor '%s' value contains itself", n.value)
|
||||||
}
|
}
|
||||||
d.aliases[n] = true
|
d.aliases[n] = true
|
||||||
|
d.aliasDepth++
|
||||||
good = d.unmarshal(n.alias, out)
|
good = d.unmarshal(n.alias, out)
|
||||||
|
d.aliasDepth--
|
||||||
delete(d.aliases, n)
|
delete(d.aliases, n)
|
||||||
return good
|
return good
|
||||||
}
|
}
|
||||||
@ -746,8 +788,7 @@ func (d *decoder) merge(n *node, out reflect.Value) {
|
|||||||
case mappingNode:
|
case mappingNode:
|
||||||
d.unmarshal(n, out)
|
d.unmarshal(n, out)
|
||||||
case aliasNode:
|
case aliasNode:
|
||||||
an, ok := d.doc.anchors[n.value]
|
if n.alias != nil && n.alias.kind != mappingNode {
|
||||||
if ok && an.kind != mappingNode {
|
|
||||||
failWantMap()
|
failWantMap()
|
||||||
}
|
}
|
||||||
d.unmarshal(n, out)
|
d.unmarshal(n, out)
|
||||||
@ -756,8 +797,7 @@ func (d *decoder) merge(n *node, out reflect.Value) {
|
|||||||
for i := len(n.children) - 1; i >= 0; i-- {
|
for i := len(n.children) - 1; i >= 0; i-- {
|
||||||
ni := n.children[i]
|
ni := n.children[i]
|
||||||
if ni.kind == aliasNode {
|
if ni.kind == aliasNode {
|
||||||
an, ok := d.doc.anchors[ni.value]
|
if ni.alias != nil && ni.alias.kind != mappingNode {
|
||||||
if ok && an.kind != mappingNode {
|
|
||||||
failWantMap()
|
failWantMap()
|
||||||
}
|
}
|
||||||
} else if ni.kind != mappingNode {
|
} else if ni.kind != mappingNode {
|
||||||
|
2
vendor/gopkg.in/yaml.v2/resolve.go
generated
vendored
2
vendor/gopkg.in/yaml.v2/resolve.go
generated
vendored
@ -81,7 +81,7 @@ func resolvableTag(tag string) bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
var yamlStyleFloat = regexp.MustCompile(`^[-+]?[0-9]*\.?[0-9]+([eE][-+][0-9]+)?$`)
|
var yamlStyleFloat = regexp.MustCompile(`^[-+]?(\.[0-9]+|[0-9]+(\.[0-9]*)?)([eE][-+]?[0-9]+)?$`)
|
||||||
|
|
||||||
func resolve(tag string, in string) (rtag string, out interface{}) {
|
func resolve(tag string, in string) (rtag string, out interface{}) {
|
||||||
if !resolvableTag(tag) {
|
if !resolvableTag(tag) {
|
||||||
|
78
vendor/gopkg.in/yaml.v2/scannerc.go
generated
vendored
78
vendor/gopkg.in/yaml.v2/scannerc.go
generated
vendored
@ -634,13 +634,14 @@ func yaml_parser_fetch_more_tokens(parser *yaml_parser_t) bool {
|
|||||||
need_more_tokens = true
|
need_more_tokens = true
|
||||||
} else {
|
} else {
|
||||||
// Check if any potential simple key may occupy the head position.
|
// Check if any potential simple key may occupy the head position.
|
||||||
if !yaml_parser_stale_simple_keys(parser) {
|
for i := len(parser.simple_keys) - 1; i >= 0; i-- {
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
for i := range parser.simple_keys {
|
|
||||||
simple_key := &parser.simple_keys[i]
|
simple_key := &parser.simple_keys[i]
|
||||||
if simple_key.possible && simple_key.token_number == parser.tokens_parsed {
|
if simple_key.token_number < parser.tokens_parsed {
|
||||||
|
break
|
||||||
|
}
|
||||||
|
if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok {
|
||||||
|
return false
|
||||||
|
} else if valid && simple_key.token_number == parser.tokens_parsed {
|
||||||
need_more_tokens = true
|
need_more_tokens = true
|
||||||
break
|
break
|
||||||
}
|
}
|
||||||
@ -678,11 +679,6 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool {
|
|||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
// Remove obsolete potential simple keys.
|
|
||||||
if !yaml_parser_stale_simple_keys(parser) {
|
|
||||||
return false
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check the indentation level against the current column.
|
// Check the indentation level against the current column.
|
||||||
if !yaml_parser_unroll_indent(parser, parser.mark.column) {
|
if !yaml_parser_unroll_indent(parser, parser.mark.column) {
|
||||||
return false
|
return false
|
||||||
@ -837,29 +833,30 @@ func yaml_parser_fetch_next_token(parser *yaml_parser_t) bool {
|
|||||||
"found character that cannot start any token")
|
"found character that cannot start any token")
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check the list of potential simple keys and remove the positions that
|
func yaml_simple_key_is_valid(parser *yaml_parser_t, simple_key *yaml_simple_key_t) (valid, ok bool) {
|
||||||
// cannot contain simple keys anymore.
|
if !simple_key.possible {
|
||||||
func yaml_parser_stale_simple_keys(parser *yaml_parser_t) bool {
|
return false, true
|
||||||
// Check for a potential simple key for each flow level.
|
}
|
||||||
for i := range parser.simple_keys {
|
|
||||||
simple_key := &parser.simple_keys[i]
|
|
||||||
|
|
||||||
// The specification requires that a simple key
|
// The 1.2 specification says:
|
||||||
//
|
//
|
||||||
// - is limited to a single line,
|
// "If the ? indicator is omitted, parsing needs to see past the
|
||||||
// - is shorter than 1024 characters.
|
// implicit key to recognize it as such. To limit the amount of
|
||||||
if simple_key.possible && (simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index) {
|
// lookahead required, the “:” indicator must appear at most 1024
|
||||||
|
// Unicode characters beyond the start of the key. In addition, the key
|
||||||
|
// is restricted to a single line."
|
||||||
|
//
|
||||||
|
if simple_key.mark.line < parser.mark.line || simple_key.mark.index+1024 < parser.mark.index {
|
||||||
// Check if the potential simple key to be removed is required.
|
// Check if the potential simple key to be removed is required.
|
||||||
if simple_key.required {
|
if simple_key.required {
|
||||||
return yaml_parser_set_scanner_error(parser,
|
return false, yaml_parser_set_scanner_error(parser,
|
||||||
"while scanning a simple key", simple_key.mark,
|
"while scanning a simple key", simple_key.mark,
|
||||||
"could not find expected ':'")
|
"could not find expected ':'")
|
||||||
}
|
}
|
||||||
simple_key.possible = false
|
simple_key.possible = false
|
||||||
|
return false, true
|
||||||
}
|
}
|
||||||
}
|
return true, true
|
||||||
return true
|
|
||||||
}
|
}
|
||||||
|
|
||||||
// Check if a simple key may start at the current position and add it if
|
// Check if a simple key may start at the current position and add it if
|
||||||
@ -879,8 +876,8 @@ func yaml_parser_save_simple_key(parser *yaml_parser_t) bool {
|
|||||||
possible: true,
|
possible: true,
|
||||||
required: required,
|
required: required,
|
||||||
token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head),
|
token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head),
|
||||||
|
mark: parser.mark,
|
||||||
}
|
}
|
||||||
simple_key.mark = parser.mark
|
|
||||||
|
|
||||||
if !yaml_parser_remove_simple_key(parser) {
|
if !yaml_parser_remove_simple_key(parser) {
|
||||||
return false
|
return false
|
||||||
@ -906,13 +903,26 @@ func yaml_parser_remove_simple_key(parser *yaml_parser_t) bool {
|
|||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// max_flow_level limits the flow_level
|
||||||
|
const max_flow_level = 10000
|
||||||
|
|
||||||
// Increase the flow level and resize the simple key list if needed.
|
// Increase the flow level and resize the simple key list if needed.
|
||||||
func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool {
|
func yaml_parser_increase_flow_level(parser *yaml_parser_t) bool {
|
||||||
// Reset the simple key on the next level.
|
// Reset the simple key on the next level.
|
||||||
parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{})
|
parser.simple_keys = append(parser.simple_keys, yaml_simple_key_t{
|
||||||
|
possible: false,
|
||||||
|
required: false,
|
||||||
|
token_number: parser.tokens_parsed + (len(parser.tokens) - parser.tokens_head),
|
||||||
|
mark: parser.mark,
|
||||||
|
})
|
||||||
|
|
||||||
// Increase the flow level.
|
// Increase the flow level.
|
||||||
parser.flow_level++
|
parser.flow_level++
|
||||||
|
if parser.flow_level > max_flow_level {
|
||||||
|
return yaml_parser_set_scanner_error(parser,
|
||||||
|
"while increasing flow level", parser.simple_keys[len(parser.simple_keys)-1].mark,
|
||||||
|
fmt.Sprintf("exceeded max depth of %d", max_flow_level))
|
||||||
|
}
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -925,6 +935,9 @@ func yaml_parser_decrease_flow_level(parser *yaml_parser_t) bool {
|
|||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// max_indents limits the indents stack size
|
||||||
|
const max_indents = 10000
|
||||||
|
|
||||||
// Push the current indentation level to the stack and set the new level
|
// Push the current indentation level to the stack and set the new level
|
||||||
// the current column is greater than the indentation level. In this case,
|
// the current column is greater than the indentation level. In this case,
|
||||||
// append or insert the specified token into the token queue.
|
// append or insert the specified token into the token queue.
|
||||||
@ -939,6 +952,11 @@ func yaml_parser_roll_indent(parser *yaml_parser_t, column, number int, typ yaml
|
|||||||
// indentation level.
|
// indentation level.
|
||||||
parser.indents = append(parser.indents, parser.indent)
|
parser.indents = append(parser.indents, parser.indent)
|
||||||
parser.indent = column
|
parser.indent = column
|
||||||
|
if len(parser.indents) > max_indents {
|
||||||
|
return yaml_parser_set_scanner_error(parser,
|
||||||
|
"while increasing indent level", parser.simple_keys[len(parser.simple_keys)-1].mark,
|
||||||
|
fmt.Sprintf("exceeded max depth of %d", max_indents))
|
||||||
|
}
|
||||||
|
|
||||||
// Create a token and insert it into the queue.
|
// Create a token and insert it into the queue.
|
||||||
token := yaml_token_t{
|
token := yaml_token_t{
|
||||||
@ -1270,7 +1288,11 @@ func yaml_parser_fetch_value(parser *yaml_parser_t) bool {
|
|||||||
simple_key := &parser.simple_keys[len(parser.simple_keys)-1]
|
simple_key := &parser.simple_keys[len(parser.simple_keys)-1]
|
||||||
|
|
||||||
// Have we found a simple key?
|
// Have we found a simple key?
|
||||||
if simple_key.possible {
|
if valid, ok := yaml_simple_key_is_valid(parser, simple_key); !ok {
|
||||||
|
return false
|
||||||
|
|
||||||
|
} else if valid {
|
||||||
|
|
||||||
// Create the KEY token and insert it into the queue.
|
// Create the KEY token and insert it into the queue.
|
||||||
token := yaml_token_t{
|
token := yaml_token_t{
|
||||||
typ: yaml_KEY_TOKEN,
|
typ: yaml_KEY_TOKEN,
|
||||||
|
2
vendor/gopkg.in/yaml.v2/yaml.go
generated
vendored
2
vendor/gopkg.in/yaml.v2/yaml.go
generated
vendored
@ -89,7 +89,7 @@ func UnmarshalStrict(in []byte, out interface{}) (err error) {
|
|||||||
return unmarshal(in, out, true)
|
return unmarshal(in, out, true)
|
||||||
}
|
}
|
||||||
|
|
||||||
// A Decorder reads and decodes YAML values from an input stream.
|
// A Decoder reads and decodes YAML values from an input stream.
|
||||||
type Decoder struct {
|
type Decoder struct {
|
||||||
strict bool
|
strict bool
|
||||||
parser *parser
|
parser *parser
|
||||||
|
2
vendor/modules.txt
vendored
2
vendor/modules.txt
vendored
@ -350,7 +350,7 @@ google.golang.org/grpc/status
|
|||||||
gopkg.in/square/go-jose.v2
|
gopkg.in/square/go-jose.v2
|
||||||
gopkg.in/square/go-jose.v2/cipher
|
gopkg.in/square/go-jose.v2/cipher
|
||||||
gopkg.in/square/go-jose.v2/json
|
gopkg.in/square/go-jose.v2/json
|
||||||
# gopkg.in/yaml.v2 v2.2.2
|
# gopkg.in/yaml.v2 v2.2.7
|
||||||
gopkg.in/yaml.v2
|
gopkg.in/yaml.v2
|
||||||
# k8s.io/client-go v0.0.0-20181219152756-3dd551c0f083
|
# k8s.io/client-go v0.0.0-20181219152756-3dd551c0f083
|
||||||
k8s.io/client-go/util/homedir
|
k8s.io/client-go/util/homedir
|
||||||
|
Loading…
Reference in New Issue
Block a user