Merge pull request #1865 from crazy-max/bump-semver

vendor: github.com/Masterminds/semver/v3 v3.2.1
2 years ago · 93f7fbdd78
parent ea06685c11 459d94bdf1
commit 93f7fbdd78
9 changed files with 47 additions and 46 deletions
--- a/go.mod
+++ b/go.mod
@ -3,7 +3,7 @@ module github.com/docker/buildx
 go 1.20
 require (
-	github.com/Masterminds/semver/v3 v3.2.0
+	github.com/Masterminds/semver/v3 v3.2.1
 	github.com/aws/aws-sdk-go-v2/config v1.18.16
 	github.com/compose-spec/compose-go v1.13.4
 	github.com/containerd/console v1.0.3
--- a/go.sum
+++ b/go.sum
@ -41,8 +41,8 @@ github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 h1:UQHMgLO+TxOEl
 github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1/go.mod h1:xomTg63KZ2rFqZQzSB4Vz2SUXa1BpHTVz9L5PTmPC4E=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
-github.com/Masterminds/semver/v3 v3.2.0 h1:3MEsd0SM6jqZojhjLWWeBY+Kcjy9i6MQAeY7YgDP83g=
+github.com/Masterminds/semver/v3 v3.2.1 h1:RN9w6+7QoMeJVGyfmbcgs28Br8cvmnucEXnY0rYXWg0=
-github.com/Masterminds/semver/v3 v3.2.0/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ=
+github.com/Masterminds/semver/v3 v3.2.1/go.mod h1:qvl/7zhW3nngYb5+80sSMF+FG2BjYrf8m9wsX0PNOMQ=
 github.com/Microsoft/go-winio v0.6.1 h1:9/kr64B9VUZrLm5YYwbGtUJnMgqWVOdUAXu6Migciow=
 github.com/Microsoft/go-winio v0.6.1/go.mod h1:LRdKpFKfdobln8UmuiYcKPot9D2v6svN5+sAH+4kjUM=
 github.com/Microsoft/hcsshim v0.10.0-rc.8 h1:YSZVvlIIDD1UxQpJp0h+dnpLUw+TrY0cx8obKsp3bek=
--- a/vendor/github.com/Masterminds/semver/v3/.golangci.yml
+++ b/vendor/github.com/Masterminds/semver/v3/.golangci.yml
@ -5,12 +5,9 @@ linters:
  disable-all: true
  enable:
    - misspell
    - structcheck
    - govet
    - staticcheck
    - deadcode
    - errcheck
    - varcheck
    - unparam
    - ineffassign
    - nakedret
--- a/vendor/github.com/Masterminds/semver/v3/Makefile
+++ b/vendor/github.com/Masterminds/semver/v3/Makefile
@ -1,7 +1,5 @@
 GOPATH=$(shell go env GOPATH)
 GOLANGCI_LINT=$(GOPATH)/bin/golangci-lint
 GOFUZZBUILD = $(GOPATH)/bin/go-fuzz-build
 GOFUZZ = $(GOPATH)/bin/go-fuzz
 .PHONY: lint
 lint: $(GOLANGCI_LINT)
@ -19,19 +17,14 @@ test-cover:
 	GO111MODULE=on go test -cover .
 .PHONY: fuzz
-fuzz: $(GOFUZZBUILD) $(GOFUZZ)
+fuzz:
-	@echo "==> Fuzz testing"
+	@echo "==> Running Fuzz Tests"
-	$(GOFUZZBUILD)
+	go test -fuzz=FuzzNewVersion -fuzztime=15s .
-	$(GOFUZZ) -workdir=_fuzz
+	go test -fuzz=FuzzStrictNewVersion -fuzztime=15s .
 	go test -fuzz=FuzzNewConstraint -fuzztime=15s .
 $(GOLANGCI_LINT):
 	# Install golangci-lint. The configuration for it is in the .golangci.yml
 	# file in the root of the repository
 	echo ${GOPATH}
 	curl -sfL https://install.goreleaser.com/github.com/golangci/golangci-lint.sh | sh -s -- -b $(GOPATH)/bin v1.17.1
 $(GOFUZZBUILD):
 	cd / && go get -u github.com/dvyukov/go-fuzz/go-fuzz-build
 $(GOFUZZ):
 	cd / && go get -u github.com/dvyukov/go-fuzz/go-fuzz github.com/dvyukov/go-fuzz/go-fuzz-dep
--- a/vendor/github.com/Masterminds/semver/v3/README.md
+++ b/vendor/github.com/Masterminds/semver/v3/README.md
@ -18,18 +18,20 @@ If you are looking for a command line tool for version comparisons please see
 ## Package Versions
 Note, import `github.com/github.com/Masterminds/semver/v3` to use the latest version.
 There are three major versions fo the `semver` package.
-* 3.x.x is the new stable and active version. This version is focused on constraint
+* 3.x.x is the stable and active version. This version is focused on constraint
  compatibility for range handling in other tools from other languages. It has
  a similar API to the v1 releases. The development of this version is on the master
  branch. The documentation for this version is below.
 * 2.x was developed primarily for [dep](https://github.com/golang/dep). There are
  no tagged releases and the development was performed by [@sdboyer](https://github.com/sdboyer).
  There are API breaking changes from v1. This version lives on the [2.x branch](https://github.com/Masterminds/semver/tree/2.x).
-* 1.x.x is the most widely used version with numerous tagged releases. This is the
+* 1.x.x is the original release. It is no longer maintained. You should use the
-  previous stable and is still maintained for bug fixes. The development, to fix
+  v3 release instead. You can read the documentation for the 1.x.x release
-  bugs, occurs on the release-1 branch. You can read the documentation [here](https://github.com/Masterminds/semver/blob/release-1/README.md).
+  [here](https://github.com/Masterminds/semver/blob/release-1/README.md).
 ## Parsing Semantic Versions
@ -242,3 +244,15 @@ for _, m := range msgs {
 If you find an issue or want to contribute please file an [issue](https://github.com/Masterminds/semver/issues)
 or [create a pull request](https://github.com/Masterminds/semver/pulls).
 ## Security
 Security is an important consideration for this project. The project currently
 uses the following tools to help discover security issues:
 * [CodeQL](https://github.com/Masterminds/semver)
 * [gosec](https://github.com/securego/gosec)
 * Daily Fuzz testing
 If you believe you have found a security vulnerability you can privately disclose
 it through the [GitHub security page](https://github.com/Masterminds/semver/security).
--- a/vendor/github.com/Masterminds/semver/v3/SECURITY.md
+++ b/vendor/github.com/Masterminds/semver/v3/SECURITY.md
@ -0,0 +1,19 @@
 # Security Policy
 ## Supported Versions
 The following versions of semver are currently supported:
 | Version | Supported          |
 | ------- | ------------------ |
 | 3.x     | :white_check_mark: |
 | 2.x     | :x:                |
 | 1.x     | :x:                |
 Fixes are only released for the latest minor version in the form of a patch release.
 ## Reporting a Vulnerability
 You can privately disclose a vulnerability through GitHubs
 [private vulnerability reporting](https://github.com/Masterminds/semver/security/advisories)
 mechanism.
--- a/vendor/github.com/Masterminds/semver/v3/fuzz.go
+++ b/vendor/github.com/Masterminds/semver/v3/fuzz.go
@ -1,22 +0,0 @@
 // +build gofuzz
 package semver
 func Fuzz(data []byte) int {
 	d := string(data)
 	// Test NewVersion
 	_, _ = NewVersion(d)
 	// Test StrictNewVersion
 	_, _ = StrictNewVersion(d)
 	// Test NewConstraint
 	_, _ = NewConstraint(d)
 	// The return value should be 0 normally, 1 if the priority in future tests
 	// should be increased, and -1 if future tests should skip passing in that
 	// data. We do not have a reason to change priority so 0 is always returned.
 	// There are example tests that do this.
 	return 0
 }
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@ -5,7 +5,7 @@ github.com/AdaLogics/go-fuzz-headers
 ## explicit; go 1.16
 github.com/Azure/go-ansiterm
 github.com/Azure/go-ansiterm/winterm
-# github.com/Masterminds/semver/v3 v3.2.0
+# github.com/Masterminds/semver/v3 v3.2.1
 ## explicit; go 1.18
 github.com/Masterminds/semver/v3
 # github.com/Microsoft/go-winio v0.6.1