Bump github.com/containers/ocicrypt from 1.1.6 to 1.1.7

Bumps [github.com/containers/ocicrypt](https://github.com/containers/ocicrypt) from 1.1.6 to 1.1.7. - [Release notes](https://github.com/containers/ocicrypt/releases) - [Commits](https://github.com/containers/ocicrypt/compare/v1.1.6...v1.1.7) --- updated-dependencies: - dependency-name: github.com/containers/ocicrypt dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
2025-09-14 22:10:00 +00:00 · 2023-01-19 09:03:20 +00:00
parent b51eb214c2
commit 63da8390f1
27 changed files with 247 additions and 236 deletions
--- a/vendor/github.com/containers/ocicrypt/gpg.go
+++ b/vendor/github.com/containers/ocicrypt/gpg.go
@@ -17,16 +17,17 @@
 package ocicrypt

 import (
+	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"os"
 	"os/exec"
 	"regexp"
 	"strconv"
 	"strings"
+	"sync"

 	ocispec "github.com/opencontainers/image-spec/specs-go/v1"
-	"github.com/pkg/errors"
 	"golang.org/x/term"
 )

@@ -132,7 +133,7 @@ func (gc *gpgv2Client) GetGPGPrivateKey(keyid uint64, passphrase string) ([]byte

 	rfile, wfile, err := os.Pipe()
 	if err != nil {
-		return nil, errors.Wrapf(err, "could not create pipe")
+		return nil, fmt.Errorf("could not create pipe: %w", err)
 	}
 	defer func() {
 		rfile.Close()
@@ -272,8 +273,8 @@ func runGPGGetOutput(cmd *exec.Cmd) ([]byte, error) {
 		return nil, err
 	}

-	stdoutstr, err2 := ioutil.ReadAll(stdout)
-	stderrstr, _ := ioutil.ReadAll(stderr)
+	stdoutstr, err2 := io.ReadAll(stdout)
+	stderrstr, _ := io.ReadAll(stderr)

 	if err := cmd.Wait(); err != nil {
 		return nil, fmt.Errorf("error from %s: %s", cmd.Path, string(stderrstr))
@@ -310,9 +311,15 @@ func resolveRecipients(gc GPGClient, recipients []string) []string {
 	return result
 }

-var emailPattern = regexp.MustCompile(`uid\s+\[.*\]\s.*\s<(?P<email>.+)>`)
+var (
+	onceRegexp   sync.Once
+	emailPattern *regexp.Regexp
+)

 func extractEmailFromDetails(details []byte) string {
+	onceRegexp.Do(func() {
+		emailPattern = regexp.MustCompile(`uid\s+\[.*\]\s.*\s<(?P<email>.+)>`)
+	})
 	loc := emailPattern.FindSubmatchIndex(details)
 	if len(loc) == 0 {
 		return ""
@@ -352,7 +359,7 @@ func GPGGetPrivateKey(descs []ocispec.Descriptor, gpgClient GPGClient, gpgVault
 			}
 			keywrapper := GetKeyWrapper(scheme)
 			if keywrapper == nil {
-				return nil, nil, errors.Errorf("could not get KeyWrapper for %s\n", scheme)
+				return nil, nil, fmt.Errorf("could not get KeyWrapper for %s", scheme)
 			}
 			keyIds, err := keywrapper.GetKeyIdsFromPacket(b64pgpPackets)
 			if err != nil {
@@ -411,7 +418,7 @@ func GPGGetPrivateKey(descs []ocispec.Descriptor, gpgClient GPGClient, gpgVault
 			if !found && len(b64pgpPackets) > 0 && mustFindKey {
 				ids := uint64ToStringArray("0x%x", keyIds)

-				return nil, nil, errors.Errorf("missing key for decryption of layer %x of %s. Need one of the following keys: %s", desc.Digest, desc.Platform, strings.Join(ids, ", "))
+				return nil, nil, fmt.Errorf("missing key for decryption of layer %x of %s. Need one of the following keys: %s", desc.Digest, desc.Platform, strings.Join(ids, ", "))
 			}
 		}
 	}