Merge pull request #6736 from thaJeztah/bump_modules

vendor: moby/api v1.53.0-rc.2, moby/client v0.2.2-rc.2
2026-01-26 15:41:42 +03:00 · 2026-01-19 12:00:25 +00:00
parent 714f5bfae4 c8841ac1b2
commit d5ed037320
19 changed files with 203 additions and 24 deletions
--- a/vendor.mod
+++ b/vendor.mod
@@ -28,8 +28,8 @@ require (
 	github.com/google/uuid v1.6.0
 	github.com/mattn/go-runewidth v0.0.19
 	github.com/moby/go-archive v0.2.0
-	github.com/moby/moby/api v1.53.0-rc.1
-	github.com/moby/moby/client v0.2.2-rc.1
+	github.com/moby/moby/api v1.53.0-rc.2
+	github.com/moby/moby/client v0.2.2-rc.2
 	github.com/moby/patternmatcher v0.6.0
 	github.com/moby/swarmkit/v2 v2.1.1
 	github.com/moby/sys/atomicwriter v0.1.0
--- a/vendor.sum
+++ b/vendor.sum
@@ -113,10 +113,10 @@ github.com/moby/docker-image-spec v1.3.1 h1:jMKff3w6PgbfSa69GfNg+zN/XLhfXJGnEx3N
 github.com/moby/docker-image-spec v1.3.1/go.mod h1:eKmb5VW8vQEh/BAr2yvVNvuiJuY6UIocYsFu/DxxRpo=
 github.com/moby/go-archive v0.2.0 h1:zg5QDUM2mi0JIM9fdQZWC7U8+2ZfixfTYoHL7rWUcP8=
 github.com/moby/go-archive v0.2.0/go.mod h1:mNeivT14o8xU+5q1YnNrkQVpK+dnNe/K6fHqnTg4qPU=
-github.com/moby/moby/api v1.53.0-rc.1 h1:M5SUwRbTrNy+plCTiV6gn4ZiN/Csynk0imIsUmOgHGI=
-github.com/moby/moby/api v1.53.0-rc.1/go.mod h1:8mb+ReTlisw4pS6BRzCMts5M49W5M7bKt1cJy/YbAqc=
-github.com/moby/moby/client v0.2.2-rc.1 h1:Ah2bPvdR3ZzHK+AvZeyLMyHHfEHifYlAyuWY33dLIno=
-github.com/moby/moby/client v0.2.2-rc.1/go.mod h1:tbJAygdiC6iCbKkVez27Jjm9y8vdvs8y9mizjiQrNRI=
+github.com/moby/moby/api v1.53.0-rc.2 h1:Ajc2MnWJRC2AAqhIGNaqvwaA2mMYKyuso5PjxPP2KM4=
+github.com/moby/moby/api v1.53.0-rc.2/go.mod h1:8mb+ReTlisw4pS6BRzCMts5M49W5M7bKt1cJy/YbAqc=
+github.com/moby/moby/client v0.2.2-rc.2 h1:j8cmCofnlLCimDzFUYsrrACJZWsRiq0ZqGrbbVX2fFs=
+github.com/moby/moby/client v0.2.2-rc.2/go.mod h1:LxIGylF1oOCPvokq90dMSUy44ODFFLkt2vRgDE1RKck=
 github.com/moby/patternmatcher v0.6.0 h1:GmP9lR19aU5GqSSFko+5pRqHi+Ohk1O69aFiKkVGiPk=
 github.com/moby/patternmatcher v0.6.0/go.mod h1:hDPoyOpDY7OrrMDLaYoY3hf52gNCR/YOUYxkhApJIxc=
 github.com/moby/swarmkit/v2 v2.1.1 h1:yvTJ8MMCc3f0qTA44J6R59EZ5yZawdYopkpuLk4+ICU=
--- a/vendor/github.com/moby/moby/api/types/image/build_identity.go
+++ b/vendor/github.com/moby/moby/api/types/image/build_identity.go
@@ -0,0 +1,15 @@
+package image
+
+import (
+	"time"
+)
+
+// BuildIdentity contains build reference information if image was created via build.
+type BuildIdentity struct {
+	// Ref is the identifier for the build request. This reference can be used to
+	// look up the build details in BuildKit history API.
+	Ref string `json:"Ref,omitempty"`
+
+	// CreatedAt is the time when the build ran.
+	CreatedAt time.Time `json:"CreatedAt,omitempty"`
+}
--- a/vendor/github.com/moby/moby/api/types/image/identity.go
+++ b/vendor/github.com/moby/moby/api/types/image/identity.go
@@ -0,0 +1,15 @@
+package image
+
+// Identity holds information about the identity and origin of the image.
+// This is trusted information verified by the daemon and cannot be modified
+// by tagging an image to a different name.
+type Identity struct {
+	// Signature contains the properties of verified signatures for the image.
+	Signature []SignatureIdentity `json:"Signature,omitzero"`
+	// Pull contains remote location information if image was created via pull.
+	// If image was pulled via mirror, this contains the original repository location.
+	// After successful push this images also contains the pushed repository location.
+	Pull []PullIdentity `json:"Pull,omitzero"`
+	// Build contains build reference information if image was created via build.
+	Build []BuildIdentity `json:"Build,omitzero"`
+}
--- a/vendor/github.com/moby/moby/api/types/image/image_inspect.go
+++ b/vendor/github.com/moby/moby/api/types/image/image_inspect.go
@@ -105,4 +105,33 @@ type InspectResponse struct {
 	// WARNING: This is experimental and may change at any time without any backward
 	// compatibility.
 	Manifests []ManifestSummary `json:"Manifests,omitempty"`
+
+	// Identity holds information about the identity and origin of the image.
+	// This is trusted information verified by the daemon and cannot be modified
+	// by tagging an image to a different name.
+	Identity *Identity `json:"Identity,omitempty"`
 }
+
+// SignatureTimestampType is the type of timestamp used in the signature.
+type SignatureTimestampType string
+
+const (
+	SignatureTimestampTlog      SignatureTimestampType = "Tlog"
+	SignatureTimestampAuthority SignatureTimestampType = "TimestampAuthority"
+)
+
+// SignatureType is the type of signature format.
+type SignatureType string
+
+const (
+	SignatureTypeBundleV03       SignatureType = "bundle-v0.3"
+	SignatureTypeSimpleSigningV1 SignatureType = "simplesigning-v1"
+)
+
+// KnownSignerIdentity is an identifier for a special signer identity that is known to the implementation.
+type KnownSignerIdentity string
+
+const (
+	// KnownSignerDHI is the known identity for Docker Hardened Images.
+	KnownSignerDHI KnownSignerIdentity = "DHI"
+)
--- a/vendor/github.com/moby/moby/api/types/image/pull_identity.go
+++ b/vendor/github.com/moby/moby/api/types/image/pull_identity.go
@@ -0,0 +1,8 @@
+package image
+
+// PullIdentity contains remote location information if image was created via pull.
+// If image was pulled via mirror, this contains the original repository location.
+type PullIdentity struct {
+	// Repository is the remote repository location the image was pulled from.
+	Repository string `json:"Repository,omitempty"`
+}
--- a/vendor/github.com/moby/moby/api/types/image/signature_identity.go
+++ b/vendor/github.com/moby/moby/api/types/image/signature_identity.go
@@ -0,0 +1,26 @@
+package image
+
+// SignatureIdentity contains the properties of verified signatures for the image.
+type SignatureIdentity struct {
+	// Name is a textual description summarizing the type of signature.
+	Name string `json:"Name,omitempty"`
+	// Timestamps contains a list of verified signed timestamps for the signature.
+	Timestamps []SignatureTimestamp `json:"Timestamps,omitzero"`
+	// KnownSigner is an identifier for a special signer identity that is known to the implementation.
+	KnownSigner KnownSignerIdentity `json:"KnownSigner,omitempty"`
+	// DockerReference is the Docker image reference associated with the signature.
+	// This is an optional field only present in older hashedrecord signatures.
+	DockerReference string `json:"DockerReference,omitempty"`
+	// Signer contains information about the signer certificate used to sign the image.
+	Signer *SignerIdentity `json:"Signer,omitempty"`
+	// SignatureType is the type of signature format. E.g. "bundle-v0.3" or "hashedrecord".
+	SignatureType SignatureType `json:"SignatureType,omitempty"`
+
+	// Error contains error information if signature verification failed.
+	// Other fields will be empty in this case.
+	Error string `json:"Error,omitempty"`
+	// Warnings contains any warnings that occurred during signature verification.
+	// For example, if there was no internet connectivity and cached trust roots were used.
+	// Warning does not indicate a failed verification but may point to configuration issues.
+	Warnings []string `json:"Warnings,omitzero"`
+}
--- a/vendor/github.com/moby/moby/api/types/image/signature_timestamp.go
+++ b/vendor/github.com/moby/moby/api/types/image/signature_timestamp.go
@@ -0,0 +1,12 @@
+package image
+
+import (
+	"time"
+)
+
+// SignatureTimestamp contains information about a verified signed timestamp for an image signature.
+type SignatureTimestamp struct {
+	Type      SignatureTimestampType `json:"Type"`
+	URI       string                 `json:"URI"`
+	Timestamp time.Time              `json:"Timestamp"`
+}
--- a/vendor/github.com/moby/moby/api/types/image/signer_identity.go
+++ b/vendor/github.com/moby/moby/api/types/image/signer_identity.go
@@ -0,0 +1,57 @@
+package image
+
+// SignerIdentity contains information about the signer certificate used to sign the image.
+// This is [certificate.Summary] with deprecated fields removed and keys in Moby uppercase style.
+//
+// [certificate.Summary]: https://pkg.go.dev/github.com/sigstore/sigstore-go/pkg/fulcio/certificate#Summary
+type SignerIdentity struct {
+	CertificateIssuer      string `json:"CertificateIssuer"`
+	SubjectAlternativeName string `json:"SubjectAlternativeName"`
+	// The OIDC issuer. Should match `iss` claim of ID token or, in the case of
+	// a federated login like Dex it should match the issuer URL of the
+	// upstream issuer. The issuer is not set the extensions are invalid and
+	// will fail to render.
+	Issuer string `json:"Issuer,omitempty"` // OID 1.3.6.1.4.1.57264.1.8 and 1.3.6.1.4.1.57264.1.1 (Deprecated)
+
+	// Reference to specific build instructions that are responsible for signing.
+	BuildSignerURI string `json:"BuildSignerURI,omitempty"` // 1.3.6.1.4.1.57264.1.9
+
+	// Immutable reference to the specific version of the build instructions that is responsible for signing.
+	BuildSignerDigest string `json:"BuildSignerDigest,omitempty"` // 1.3.6.1.4.1.57264.1.10
+
+	// Specifies whether the build took place in platform-hosted cloud infrastructure or customer/self-hosted infrastructure.
+	RunnerEnvironment string `json:"RunnerEnvironment,omitempty"` // 1.3.6.1.4.1.57264.1.11
+
+	// Source repository URL that the build was based on.
+	SourceRepositoryURI string `json:"SourceRepositoryURI,omitempty"` // 1.3.6.1.4.1.57264.1.12
+
+	// Immutable reference to a specific version of the source code that the build was based upon.
+	SourceRepositoryDigest string `json:"SourceRepositoryDigest,omitempty"` // 1.3.6.1.4.1.57264.1.13
+
+	// Source Repository Ref that the build run was based upon.
+	SourceRepositoryRef string `json:"SourceRepositoryRef,omitempty"` // 1.3.6.1.4.1.57264.1.14
+
+	// Immutable identifier for the source repository the workflow was based upon.
+	SourceRepositoryIdentifier string `json:"SourceRepositoryIdentifier,omitempty"` // 1.3.6.1.4.1.57264.1.15
+
+	// Source repository owner URL of the owner of the source repository that the build was based on.
+	SourceRepositoryOwnerURI string `json:"SourceRepositoryOwnerURI,omitempty"` // 1.3.6.1.4.1.57264.1.16
+
+	// Immutable identifier for the owner of the source repository that the workflow was based upon.
+	SourceRepositoryOwnerIdentifier string `json:"SourceRepositoryOwnerIdentifier,omitempty"` // 1.3.6.1.4.1.57264.1.17
+
+	// Build Config URL to the top-level/initiating build instructions.
+	BuildConfigURI string `json:"BuildConfigURI,omitempty"` // 1.3.6.1.4.1.57264.1.18
+
+	// Immutable reference to the specific version of the top-level/initiating build instructions.
+	BuildConfigDigest string `json:"BuildConfigDigest,omitempty"` // 1.3.6.1.4.1.57264.1.19
+
+	// Event or action that initiated the build.
+	BuildTrigger string `json:"BuildTrigger,omitempty"` // 1.3.6.1.4.1.57264.1.20
+
+	// Run Invocation URL to uniquely identify the build execution.
+	RunInvocationURI string `json:"RunInvocationURI,omitempty"` // 1.3.6.1.4.1.57264.1.21
+
+	// Source repository visibility at the time of signing the certificate.
+	SourceRepositoryVisibilityAtSigning string `json:"SourceRepositoryVisibilityAtSigning,omitempty"` // 1.3.6.1.4.1.57264.1.22
+}
--- a/vendor/github.com/moby/moby/api/types/jsonstream/message.go
+++ b/vendor/github.com/moby/moby/api/types/jsonstream/message.go
@@ -2,9 +2,9 @@ package jsonstream

 import "encoding/json"

-// JSONMessage defines a message struct. It describes
+// Message defines a message struct. It describes
 // the created time, where it from, status, ID of the
-// message. It's used for docker events.
+// message.
 type Message struct {
 	Stream   string           `json:"stream,omitempty"`
 	Status   string           `json:"status,omitempty"`
--- a/vendor/github.com/moby/moby/api/types/swarm/task.go
+++ b/vendor/github.com/moby/moby/api/types/swarm/task.go
@@ -148,7 +148,7 @@ type ResourceRequirements struct {
 	// Tune container memory swappiness (0 to 100) - if not specified, defaults
 	// to the container OS's default - generally 60, or the value predefined in
 	// the image; set to -1 to unset a previously set value
-	MemorySwappiness *int64 `json:MemorySwappiness,omitzero"`
+	MemorySwappiness *int64 `json:"MemorySwappiness,omitzero"`
 }

 // Placement represents orchestration parameters.
--- a/vendor/github.com/moby/moby/client/client_options.go
+++ b/vendor/github.com/moby/moby/client/client_options.go
@@ -133,8 +133,6 @@ func (tf testRoundTripper) RoundTrip(req *http.Request) (*http.Response, error)
 	return tf(req)
 }

-func (testRoundTripper) skipConfigureTransport() bool { return true }
-
 // WithHostFromEnv overrides the client host with the host specified in the
 // DOCKER_HOST ([EnvOverrideHost]) environment variable. If DOCKER_HOST is not set,
 // or set to an empty value, the host is not modified.
@@ -151,7 +149,16 @@ func WithHostFromEnv() Opt {
 func WithHTTPClient(client *http.Client) Opt {
 	return func(c *clientConfig) error {
 		if client != nil {
-			c.client = client
+			// Make a clone of client so modifications do not affect
+			// the caller's client. Clone here instead of in New()
+			// as other options (WithHost) also mutate c.client.
+			// Cloned clients share the same CookieJar as the
+			// original.
+			hc := *client
+			if ht, ok := hc.Transport.(*http.Transport); ok {
+				hc.Transport = ht.Clone()
+			}
+			c.client = &hc
 		}
 		return nil
 	}
--- a/vendor/github.com/moby/moby/client/container_exec.go
+++ b/vendor/github.com/moby/moby/client/container_exec.go
@@ -5,7 +5,7 @@ import (
 	"encoding/json"
 	"net/http"

-	"github.com/containerd/errdefs"
+	cerrdefs "github.com/containerd/errdefs"
 	"github.com/moby/moby/api/types/container"
 )

@@ -152,7 +152,7 @@ func (cli *Client) ExecAttach(ctx context.Context, execID string, options ExecAt
 func getConsoleSize(hasTTY bool, consoleSize ConsoleSize) (*[2]uint, error) {
 	if consoleSize.Height != 0 || consoleSize.Width != 0 {
 		if !hasTTY {
-			return nil, errdefs.ErrInvalidArgument.WithMessage("console size is only supported when TTY is enabled")
+			return nil, cerrdefs.ErrInvalidArgument.WithMessage("console size is only supported when TTY is enabled")
 		}
 		return &[2]uint{consoleSize.Height, consoleSize.Width}, nil
 	}
--- a/vendor/github.com/moby/moby/client/container_rename.go
+++ b/vendor/github.com/moby/moby/client/container_rename.go
@@ -5,7 +5,7 @@ import (
 	"net/url"
 	"strings"

-	"github.com/containerd/errdefs"
+	cerrdefs "github.com/containerd/errdefs"
 )

 // ContainerRenameOptions represents the options for renaming a container.
@@ -28,7 +28,7 @@ func (cli *Client) ContainerRename(ctx context.Context, containerID string, opti
 	if options.NewName == "" || strings.TrimPrefix(options.NewName, "/") == "" {
 		// daemons before v29.0 did not handle the canonical name ("/") well
 		// let's be nice and validate it here before sending
-		return ContainerRenameResult{}, errdefs.ErrInvalidArgument.WithMessage("new name cannot be blank")
+		return ContainerRenameResult{}, cerrdefs.ErrInvalidArgument.WithMessage("new name cannot be blank")
 	}

 	query := url.Values{}
--- a/vendor/github.com/moby/moby/client/internal/jsonmessages.go
+++ b/vendor/github.com/moby/moby/client/internal/jsonmessages.go
@@ -45,12 +45,15 @@ func (r stream) Close() error {
 // JSONMessages decodes the response stream as a sequence of JSONMessages.
 // if stream ends or context is cancelled, the underlying [io.Reader] is closed.
 func (r stream) JSONMessages(ctx context.Context) iter.Seq2[jsonstream.Message, error] {
-	context.AfterFunc(ctx, func() {
+	stop := context.AfterFunc(ctx, func() {
 		_ = r.Close()
 	})
 	dec := json.NewDecoder(r)
 	return func(yield func(jsonstream.Message, error) bool) {
-		defer r.Close()
+		defer func() {
+			stop() // unregister AfterFunc
+			r.Close()
+		}()
 		for {
 			var jm jsonstream.Message
 			err := dec.Decode(&jm)
--- a/vendor/github.com/moby/moby/client/system_disk_usage.go
+++ b/vendor/github.com/moby/moby/client/system_disk_usage.go
@@ -276,6 +276,8 @@ func containerDiskUsageFromLegacyAPI(du *legacyDiskUsage) ContainersDiskUsage {
 		case container.StateRunning, container.StatePaused, container.StateRestarting:
 			cdu.ActiveCount++
 			used += c.SizeRw
+		case container.StateCreated, container.StateRemoving, container.StateExited, container.StateDead:
+			// not active
 		}
 	}

--- a/vendor/github.com/moby/moby/client/utils.go
+++ b/vendor/github.com/moby/moby/client/utils.go
@@ -136,14 +136,19 @@ func newCancelReadCloser(ctx context.Context, rc io.ReadCloser) io.ReadCloser {
 		rc:    rc,
 		close: sync.OnceValue(rc.Close),
 	}
-	context.AfterFunc(ctx, func() { _ = crc.Close() })
+	crc.stop = context.AfterFunc(ctx, func() { _ = crc.Close() })
 	return crc
 }

 type cancelReadCloser struct {
 	rc    io.ReadCloser
 	close func() error
+	stop  func() bool
 }

 func (c *cancelReadCloser) Read(p []byte) (int, error) { return c.rc.Read(p) }
-func (c *cancelReadCloser) Close() error               { return c.close() }
+
+func (c *cancelReadCloser) Close() error {
+	c.stop() // unregister AfterFunc
+	return c.close()
+}
--- a/vendor/github.com/moby/moby/client/volume_prune.go
+++ b/vendor/github.com/moby/moby/client/volume_prune.go
@@ -6,7 +6,7 @@ import (
 	"fmt"
 	"net/url"

-	"github.com/containerd/errdefs"
+	cerrdefs "github.com/containerd/errdefs"
 	"github.com/moby/moby/api/types/volume"
 )

@@ -29,7 +29,7 @@ type VolumePruneResult struct {
 func (cli *Client) VolumePrune(ctx context.Context, options VolumePruneOptions) (VolumePruneResult, error) {
 	if options.All {
 		if _, ok := options.Filters["all"]; ok {
-			return VolumePruneResult{}, errdefs.ErrInvalidArgument.WithMessage(`conflicting options: cannot specify both "all" and "all" filter`)
+			return VolumePruneResult{}, cerrdefs.ErrInvalidArgument.WithMessage(`conflicting options: cannot specify both "all" and "all" filter`)
 		}
 		if options.Filters == nil {
 			options.Filters = Filters{}
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -167,7 +167,7 @@ github.com/moby/docker-image-spec/specs-go/v1
 github.com/moby/go-archive
 github.com/moby/go-archive/compression
 github.com/moby/go-archive/tarheader
-# github.com/moby/moby/api v1.53.0-rc.1
+# github.com/moby/moby/api v1.53.0-rc.2
 ## explicit; go 1.24.0
 github.com/moby/moby/api/pkg/authconfig
 github.com/moby/moby/api/pkg/stdcopy
@@ -189,7 +189,7 @@ github.com/moby/moby/api/types/storage
 github.com/moby/moby/api/types/swarm
 github.com/moby/moby/api/types/system
 github.com/moby/moby/api/types/volume
-# github.com/moby/moby/client v0.2.2-rc.1
+# github.com/moby/moby/client v0.2.2-rc.2
 ## explicit; go 1.24.0
 github.com/moby/moby/client
 github.com/moby/moby/client/internal