vendor: update buildkit to master@67a08623b95a

Signed-off-by: Justin Chadwell <me@jedevc.com>

go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/aws/aws-sdk-go-v2/config v1.18.16
 	github.com/compose-spec/compose-go v1.14.0
 	github.com/containerd/console v1.0.3
-	github.com/containerd/containerd v1.7.1
+	github.com/containerd/containerd v1.7.2
 	github.com/containerd/continuity v0.4.1
 	github.com/containerd/typeurl/v2 v2.1.1
 	github.com/docker/cli v24.0.1+incompatible
@@ -22,7 +22,7 @@ require (
 	github.com/google/uuid v1.3.0
 	github.com/hashicorp/go-cty-funcs v0.0.0-20200930094925-2721b1e36840
 	github.com/hashicorp/hcl/v2 v2.8.2
-	github.com/moby/buildkit v0.11.0-rc3.0.20230530080511-c36941f4a10e
+	github.com/moby/buildkit v0.11.0-rc3.0.20230609092854-67a08623b95a
 	github.com/moby/sys/mountinfo v0.6.2
 	github.com/moby/sys/signal v0.7.0
 	github.com/morikuni/aec v1.0.0

go.sum

@@ -127,8 +127,8 @@ github.com/compose-spec/compose-go v1.14.0/go.mod h1:m0o4G6MQDHjjz9rY7No9FpnNi+9
 github.com/containerd/cgroups v1.1.0 h1:v8rEWFl6EoqHB+swVNjVoCJE8o3jX7e8nqBGPLaDFBM=
 github.com/containerd/console v1.0.3 h1:lIr7SlA5PxZyMV30bDW0MGbiOPXwc63yRuCP0ARubLw=
 github.com/containerd/console v1.0.3/go.mod h1:7LqA/THxQ86k76b8c/EMSiaJ3h1eZkMkXar0TQ1gf3U=
-github.com/containerd/containerd v1.7.1 h1:k8DbDkSOwt5rgxQ3uCI4WMKIJxIndSCBUaGm5oRn+Go=
-github.com/containerd/containerd v1.7.1/go.mod h1:gA+nJUADRBm98QS5j5RPROnt0POQSMK+r7P7EGMC/Qc=
+github.com/containerd/containerd v1.7.2 h1:UF2gdONnxO8I6byZXDi5sXWiWvlW3D/sci7dTQimEJo=
+github.com/containerd/containerd v1.7.2/go.mod h1:afcz74+K10M/+cjGHIVQrCt3RAQhUSCAjJ9iMYhhkuI=
 github.com/containerd/continuity v0.4.1 h1:wQnVrjIyQ8vhU2sgOiL5T07jo+ouqc2bnKsv5/EqGhU=
 github.com/containerd/continuity v0.4.1/go.mod h1:F6PTNCKepoxEaXLQp3wDAjygEnImnZ/7o4JzpodfroQ=
 github.com/containerd/fifo v1.1.0 h1:4I2mbh5stb1u6ycIABlBw9zgtlK8viPI9QkQNRQEEmY=
@@ -371,8 +371,8 @@ github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7 h1:DpOJ2HYzC
 github.com/mitchellh/go-wordwrap v0.0.0-20150314170334-ad45545899c7/go.mod h1:ZXFpozHsX6DPmq2I0TCekCxypsnAUbP2oI0UX1GXzOo=
 github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
 github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
-github.com/moby/buildkit v0.11.0-rc3.0.20230530080511-c36941f4a10e h1:d5nOEUewXcVebVTyUVeQHXX8+Ofb/+TSlqZSn9xIg3k=
-github.com/moby/buildkit v0.11.0-rc3.0.20230530080511-c36941f4a10e/go.mod h1:nWISTd0U2LNfp6z0W5T0NO73xO5rrdRiTTQkSF6uIjc=
+github.com/moby/buildkit v0.11.0-rc3.0.20230609092854-67a08623b95a h1:1k3bAXwxC2N1FncWijq/43sLj2OVIZ11FT0APIXWhMg=
+github.com/moby/buildkit v0.11.0-rc3.0.20230609092854-67a08623b95a/go.mod h1:4sM7BBBqXOQ+vV6LrVAOAMhZI9cVNYV5RhZCl906a64=
 github.com/moby/locker v1.0.1 h1:fOXqR41zeveg4fFODix+1Ch4mj/gT0NE1XJbp/epuBg=
 github.com/moby/locker v1.0.1/go.mod h1:S7SDdo5zpBK84bzzVlKr2V0hz+7x9hWbYC/kq7oQppc=
 github.com/moby/patternmatcher v0.5.0 h1:YCZgJOeULcxLw1Q+sVR636pmS7sPEn1Qo2iAN6M7DBo=
@@ -411,7 +411,6 @@ github.com/opencontainers/runc v1.1.7/go.mod h1:CbUumNnWCuTGFukNXahoo/RFBZvDAgRh
 github.com/opencontainers/runtime-spec v1.1.0-rc.2 h1:ucBtEms2tamYYW/SvGpvq9yUN0NEVL6oyLEwDcTSrk8=
 github.com/opencontainers/selinux v1.11.0 h1:+5Zbo97w3Lbmb3PeqQtpmTkMwsW5nRI3YaLpt7tQ7oU=
 github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
-github.com/package-url/packageurl-go v0.1.1-0.20220428063043-89078438f170 h1:DiLBVp4DAcZlBVBEtJpNWZpZVq0AEeCY7Hqk8URVs4o=
 github.com/pelletier/go-toml v1.9.5 h1:4yBQzkHv+7BHq2PQUZF3Mx0IYxG7LsP222s7Agd3ve8=
 github.com/pelletier/go-toml v1.9.5/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
 github.com/pelletier/go-toml/v2 v2.0.5 h1:ipoSadvV8oGUjnUbMub59IDPPwfxF694nG/jwbMiyQg=
@@ -460,7 +459,7 @@ github.com/sirupsen/logrus v1.8.1/go.mod h1:yWOB1SBYBC5VeMP7gHvWumXLIWorT60ONWic
 github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
 github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/spaolacci/murmur3 v0.0.0-20180118202830-f09979ecbc72/go.mod h1:JwIasOWyU6f++ZhiEuf87xNszmSA2myDM2Kzu9HwQUA=
-github.com/spdx/tools-golang v0.5.0 h1:/fqihV2Jna7fmow65dHpgKNsilgLK7ICpd2tkCnPEyY=
+github.com/spdx/tools-golang v0.5.1 h1:fJg3SVOGG+eIva9ZUBm/hvyA7PIPVFjRxUKe6fdAgwE=
 github.com/spf13/afero v1.9.2 h1:j49Hj62F0n+DaZ1dDCvhABaPNSGNkt32oRFxI33IEMw=
 github.com/spf13/cast v1.5.0 h1:rj3WzYc11XZaIZMPKmwP96zkFEnnAmV8s6XbB2aY32w=
 github.com/spf13/cobra v1.7.0 h1:hyqWnYt1ZQShIddO5kBpj3vu05/++x6tJ6dg8EC572I=

vendor/github.com/containerd/containerd/remotes/docker/resolver.go

@@ -98,25 +98,30 @@ type ResolverOptions struct {
 	Tracker StatusTracker
 
 	// Authorizer is used to authorize registry requests
-	// Deprecated: use Hosts
+	//
+	// Deprecated: use Hosts.
 	Authorizer Authorizer
 
 	// Credentials provides username and secret given a host.
 	// If username is empty but a secret is given, that secret
 	// is interpreted as a long lived token.
-	// Deprecated: use Hosts
+	//
+	// Deprecated: use Hosts.
 	Credentials func(string) (string, string, error)
 
 	// Host provides the hostname given a namespace.
-	// Deprecated: use Hosts
+	//
+	// Deprecated: use Hosts.
 	Host func(string) (string, error)
 
 	// PlainHTTP specifies to use plain http and not https
-	// Deprecated: use Hosts
+	//
+	// Deprecated: use Hosts.
 	PlainHTTP bool
 
 	// Client is the http client to used when making registry requests
-	// Deprecated: use Hosts
+	//
+	// Deprecated: use Hosts.
 	Client *http.Client
 }
 

vendor/github.com/containerd/containerd/version/version.go

@@ -23,7 +23,7 @@ var (
 	Package = "github.com/containerd/containerd"
 
 	// Version holds the complete version number. Filled in at linking time.
-	Version = "1.7.1+unknown"
+	Version = "1.7.2+unknown"
 
 	// Revision is filled with the VCS (e.g. git) revision being used to build
 	// the program at linking time.

vendor/github.com/moby/buildkit/exporter/containerimage/exptypes/keys.go

@@ -0,0 +1,75 @@
+package exptypes
+
+import commonexptypes "github.com/moby/buildkit/exporter/exptypes"
+
+type ImageExporterOptKey string
+
+// Options keys supported by the image exporter output.
+var (
+	// Name of the image.
+	// Value: string
+	OptKeyName ImageExporterOptKey = "name"
+
+	// Push after creating image.
+	// Value: bool <true|false>
+	OptKeyPush ImageExporterOptKey = "push"
+
+	// Push unnamed image.
+	// Value: bool <true|false>
+	OptKeyPushByDigest ImageExporterOptKey = "push-by-digest"
+
+	// Allow pushing to insecure HTTP registry.
+	// Value: bool <true|false>
+	OptKeyInsecure ImageExporterOptKey = "registry.insecure"
+
+	// Unpack image after it's created (containerd).
+	// Value: bool <true|false>
+	OptKeyUnpack ImageExporterOptKey = "unpack"
+
+	// Fallback image name prefix if image name isn't provided.
+	// If used, image will be named as <value>@<digest>
+	// Value: string
+	OptKeyDanglingPrefix ImageExporterOptKey = "dangling-name-prefix"
+
+	// Creates additional image name with format <name>@<digest>
+	// Value: bool <true|false>
+	OptKeyNameCanonical ImageExporterOptKey = "name-canonical"
+
+	// Store the resulting image along with all of the content it references.
+	// Ignored if the worker doesn't have image store (e.g. OCI worker).
+	// Value: bool <true|false>
+	OptKeyStore ImageExporterOptKey = "store"
+
+	// Use OCI mediatypes instead of Docker in JSON configs.
+	// Value: bool <true|false>
+	OptKeyOCITypes ImageExporterOptKey = "oci-mediatypes"
+
+	// Force attestation to be attached.
+	// Value: bool <true|false>
+	OptKeyForceInlineAttestations ImageExporterOptKey = "attestation-inline"
+
+	// Mark layers as non-distributable if they are found to use a
+	// non-distributable media type. When this option is not set, the exporter
+	// will change the media type of the layer to a distributable one.
+	// Value: bool <true|false>
+	OptKeyPreferNondistLayers ImageExporterOptKey = "prefer-nondist-layers"
+
+	// Clamp produced timestamps. For more information see the
+	// SOURCE_DATE_EPOCH specification.
+	// Value: int (number of seconds since Unix epoch)
+	OptKeySourceDateEpoch ImageExporterOptKey = ImageExporterOptKey(commonexptypes.OptKeySourceDateEpoch)
+
+	// Compression type for newly created and cached layers.
+	// estargz should be used with OptKeyOCITypes set to true.
+	// Value: string <uncompressed|gzip|estargz|zstd>
+	OptKeyLayerCompression ImageExporterOptKey = "compression"
+
+	// Force compression on all (including existing) layers.
+	// Value: bool <true|false>
+	OptKeyForceCompression ImageExporterOptKey = "force-compression"
+
+	// Compression level
+	// Value: int (0-9) for gzip and estargz
+	// Value: int (0-22) for zstd
+	OptKeyCompressionLevel ImageExporterOptKey = "compression-level"
+)

vendor/github.com/moby/buildkit/exporter/containerimage/exptypes/types.go

@@ -12,7 +12,6 @@ const (
 	ExporterImageDescriptorKey   = "containerimage.descriptor"
 	ExporterInlineCache          = "containerimage.inlinecache"
 	ExporterPlatformsKey         = "refs.platforms"
-	ExporterEpochKey             = "source.date.epoch"
 )
 
 // KnownRefMetadataKeys are the subset of exporter keys that can be suffixed by

vendor/github.com/moby/buildkit/exporter/exptypes/keys.go

@@ -0,0 +1,15 @@
+package exptypes
+
+const (
+	ExporterEpochKey = "source.date.epoch"
+)
+
+type ExporterOptKey string
+
+// Options keys supported by all exporters.
+var (
+	// Clamp produced timestamps. For more information see the
+	// SOURCE_DATE_EPOCH specification.
+	// Value: int (number of seconds since Unix epoch)
+	OptKeySourceDateEpoch ExporterOptKey = "source-date-epoch"
+)

vendor/github.com/moby/buildkit/session/auth/authprovider/authprovider.go

@@ -29,6 +29,8 @@ import (
 )
 
 const defaultExpiration = 60
+const dockerHubConfigfileKey = "https://index.docker.io/v1/"
+const dockerHubRegistryHost = "registry-1.docker.io"
 
 func NewDockerAuthProvider(cfg *configfile.ConfigFile) session.Attachable {
 	return &authProvider{
@@ -183,10 +185,12 @@ func (ap *authProvider) VerifyTokenAuthority(ctx context.Context, req *auth.Veri
 func (ap *authProvider) getAuthConfig(host string) (*types.AuthConfig, error) {
 	ap.mu.Lock()
 	defer ap.mu.Unlock()
+
+	if host == dockerHubRegistryHost {
+		host = dockerHubConfigfileKey
+	}
+
 	if _, exists := ap.authConfigCache[host]; !exists {
-		if host == "registry-1.docker.io" {
-			host = "https://index.docker.io/v1/"
-		}
 		ac, err := ap.config.GetAuthConfig(host)
 		if err != nil {
 			return nil, err

vendor/github.com/moby/buildkit/util/progress/progressui/printer.go

@@ -143,10 +143,13 @@ func (p *textMux) printVtx(t *trace, dgst digest.Digest) {
 	}
 
 	for i, l := range v.logs {
-		if i == 0 {
+		if i == 0 && v.logsOffset != 0 { // index has already been printed
 			l = l[v.logsOffset:]
+			fmt.Fprintf(p.w, "%s", l)
+		} else {
+			fmt.Fprintf(p.w, "#%d %s", v.index, []byte(l))
 		}
-		fmt.Fprintf(p.w, "#%d %s", v.index, []byte(l))
+
 		if i != len(v.logs)-1 || !v.logsPartial {
 			fmt.Fprintln(p.w, "")
 		}

vendor/github.com/moby/buildkit/util/system/path.go

@@ -1,5 +1,13 @@
 package system
 
+import (
+	"path"
+	"path/filepath"
+	"strings"
+
+	"github.com/pkg/errors"
+)
+
 // DefaultPathEnvUnix is unix style list of directories to search for
 // executables. Each directory is separated from the next by a colon
 // ':' character .
@@ -16,3 +24,202 @@ func DefaultPathEnv(os string) string {
 	}
 	return DefaultPathEnvUnix
 }
+
+// NormalizePath cleans the path based on the operating system the path is meant for.
+// It takes into account a potential parent path, and will join the path to the parent
+// if the path is relative. Additionally, it will apply the folliwing rules:
+//   - always return an absolute path
+//   - always strip drive letters for Windows paths
+//   - optionally keep the trailing slashes on paths
+//   - paths are returned using forward slashes
+func NormalizePath(parent, newPath, inputOS string, keepSlash bool) (string, error) {
+	if inputOS == "" {
+		inputOS = "linux"
+	}
+
+	newPath = toSlash(newPath, inputOS)
+	parent = toSlash(parent, inputOS)
+	origPath := newPath
+
+	if parent == "" {
+		parent = "/"
+	}
+
+	var err error
+	parent, err = CheckSystemDriveAndRemoveDriveLetter(parent, inputOS)
+	if err != nil {
+		return "", errors.Wrap(err, "removing drive letter")
+	}
+
+	if !IsAbs(parent, inputOS) {
+		parent = path.Join("/", parent)
+	}
+
+	if newPath == "" {
+		// New workdir is empty. Use the "current" workdir. It should already
+		// be an absolute path.
+		newPath = parent
+	}
+
+	newPath, err = CheckSystemDriveAndRemoveDriveLetter(newPath, inputOS)
+	if err != nil {
+		return "", errors.Wrap(err, "removing drive letter")
+	}
+
+	if !IsAbs(newPath, inputOS) {
+		// The new WD is relative. Join it to the previous WD.
+		newPath = path.Join(parent, newPath)
+	}
+
+	if keepSlash {
+		if strings.HasSuffix(origPath, "/") && !strings.HasSuffix(newPath, "/") {
+			newPath += "/"
+		} else if strings.HasSuffix(origPath, "/.") {
+			if newPath != "/" {
+				newPath += "/"
+			}
+			newPath += "."
+		}
+	}
+
+	return toSlash(newPath, inputOS), nil
+}
+
+func toSlash(inputPath, inputOS string) string {
+	separator := "/"
+	if inputOS == "windows" {
+		separator = "\\"
+	}
+	return strings.Replace(inputPath, separator, "/", -1)
+}
+
+func fromSlash(inputPath, inputOS string) string {
+	separator := "/"
+	if inputOS == "windows" {
+		separator = "\\"
+	}
+	return strings.Replace(inputPath, "/", separator, -1)
+}
+
+// NormalizeWorkdir will return a normalized version of the new workdir, given
+// the currently configured workdir and the desired new workdir. When setting a
+// new relative workdir, it will be joined to the previous workdir or default to
+// the root folder.
+// On Windows we remove the drive letter and convert the path delimiter to "\".
+// Paths that begin with os.PathSeparator are considered absolute even on Windows.
+func NormalizeWorkdir(current, wd string, inputOS string) (string, error) {
+	if inputOS == "" {
+		inputOS = "linux"
+	}
+
+	wd, err := NormalizePath(current, wd, inputOS, false)
+	if err != nil {
+		return "", errors.Wrap(err, "normalizing working directory")
+	}
+
+	// Make sure we use the platform specific path separator. HCS does not like forward
+	// slashes in CWD.
+	return fromSlash(wd, inputOS), nil
+}
+
+// IsAbs returns a boolean value indicating whether or not the path
+// is absolute. On Linux, this is just a wrapper for filepath.IsAbs().
+// On Windows, we strip away the drive letter (if any), clean the path,
+// and check whether or not the path starts with a filepath.Separator.
+// This function is meant to check if a path is absolute, in the context
+// of a COPY, ADD or WORKDIR, which have their root set in the mount point
+// of the writable layer we are mutating. The filepath.IsAbs() function on
+// Windows will not work in these scenatios, as it will return true for paths
+// that:
+//   - Begin with drive letter (DOS style paths)
+//   - Are volume paths \\?\Volume{UUID}
+//   - Are UNC paths
+func IsAbs(pth, inputOS string) bool {
+	if inputOS == "" {
+		inputOS = "linux"
+	}
+	cleanedPath, err := CheckSystemDriveAndRemoveDriveLetter(pth, inputOS)
+	if err != nil {
+		return false
+	}
+	cleanedPath = toSlash(cleanedPath, inputOS)
+	// We stripped any potential drive letter and converted any backslashes to
+	// forward slashes. We can safely use path.IsAbs() for both Windows and Linux.
+	return path.IsAbs(cleanedPath)
+}
+
+// CheckSystemDriveAndRemoveDriveLetter verifies and manipulates a Windows path.
+// For linux, this is a no-op.
+//
+// This is used, for example, when validating a user provided path in docker cp.
+// If a drive letter is supplied, it must be the system drive. The drive letter
+// is always removed. It also converts any backslash to forward slash. The conversion
+// to OS specific separator should happen as late as possible (ie: before passing the
+// value to the function that will actually use it). Paths are parsed and code paths are
+// triggered starting with the client and all the way down to calling into the runtime
+// environment. The client may run on a foreign OS from the one the build will be triggered
+// (Windows clients connecting to Linux or vice versa).
+// Keeping the file separator consistent until the last moment is desirable.
+//
+// We need the Windows path without the drive letter so that it can ultimately be concatenated with
+// a Windows long-path which doesn't support drive-letters. Examples:
+// C:			--> Fail
+// C:somepath   --> somepath // This is a relative path to the CWD set for that drive letter
+// C:\			--> \
+// a			--> a
+// /a			--> \a
+// d:\			--> Fail
+//
+// UNC paths can refer to multiple types of paths. From local filesystem paths,
+// to remote filesystems like SMB or named pipes.
+// There is no sane way to support this without adding a lot of complexity
+// which I am not sure is worth it.
+// \\.\C$\a     --> Fail
+func CheckSystemDriveAndRemoveDriveLetter(path string, inputOS string) (string, error) {
+	if inputOS == "" {
+		inputOS = "linux"
+	}
+
+	if inputOS != "windows" {
+		return path, nil
+	}
+
+	if len(path) == 2 && string(path[1]) == ":" {
+		return "", errors.Errorf("No relative path specified in %q", path)
+	}
+
+	// UNC paths should error out
+	if len(path) >= 2 && toSlash(path[:2], inputOS) == "//" {
+		return "", errors.Errorf("UNC paths are not supported")
+	}
+
+	parts := strings.SplitN(path, ":", 2)
+	// Path does not have a drive letter. Just return it.
+	if len(parts) < 2 {
+		return toSlash(filepath.Clean(path), inputOS), nil
+	}
+
+	// We expect all paths to be in C:
+	if !strings.EqualFold(parts[0], "c") {
+		return "", errors.New("The specified path is not on the system drive (C:)")
+	}
+
+	// A path of the form F:somepath, is a path that is relative CWD set for a particular
+	// drive letter. See:
+	// https://learn.microsoft.com/en-us/windows/win32/fileio/naming-a-file#fully-qualified-vs-relative-paths
+	//
+	// C:\>mkdir F:somepath
+	// C:\>dir F:\
+	// Volume in drive F is New Volume
+	// Volume Serial Number is 86E5-AB64
+	//
+	// Directory of F:\
+	//
+	// 11/27/2022  02:22 PM    <DIR>          somepath
+	// 			0 File(s)              0 bytes
+	// 			1 Dir(s)   1,052,876,800 bytes free
+	//
+	// We must return the second element of the split path, as is, without attempting to convert
+	// it to an absolute path. We have no knowledge of the CWD; that is treated elsewhere.
+	return toSlash(filepath.Clean(parts[1]), inputOS), nil
+}

vendor/github.com/moby/buildkit/util/system/path_unix.go

@@ -1,10 +0,0 @@
-//go:build !windows
-// +build !windows
-
-package system
-
-// CheckSystemDriveAndRemoveDriveLetter verifies that a path, if it includes a drive letter,
-// is the system drive. This is a no-op on Linux.
-func CheckSystemDriveAndRemoveDriveLetter(path string) (string, error) {
-	return path, nil
-}

vendor/github.com/moby/buildkit/util/system/path_windows.go

@@ -1,35 +0,0 @@
-//go:build windows
-// +build windows
-
-package system
-
-import (
-	"path/filepath"
-	"strings"
-
-	"github.com/pkg/errors"
-)
-
-// CheckSystemDriveAndRemoveDriveLetter verifies and manipulates a Windows path.
-// This is used, for example, when validating a user provided path in docker cp.
-// If a drive letter is supplied, it must be the system drive. The drive letter
-// is always removed. Also, it translates it to OS semantics (IOW / to \). We
-// need the path in this syntax so that it can ultimately be contatenated with
-// a Windows long-path which doesn't support drive-letters. Examples:
-// C:			--> Fail
-// C:\			--> \
-// a			--> a
-// /a			--> \a
-// d:\			--> Fail
-func CheckSystemDriveAndRemoveDriveLetter(path string) (string, error) {
-	if len(path) == 2 && string(path[1]) == ":" {
-		return "", errors.Errorf("No relative path specified in %q", path)
-	}
-	if !filepath.IsAbs(path) || len(path) < 2 {
-		return filepath.FromSlash(path), nil
-	}
-	if string(path[1]) == ":" && !strings.EqualFold(string(path[0]), "c") {
-		return "", errors.New("The specified path is not on the system drive (C:)")
-	}
-	return filepath.FromSlash(path[2:]), nil
-}

vendor/modules.txt

@@ -147,7 +147,7 @@ github.com/compose-spec/compose-go/utils
 # github.com/containerd/console v1.0.3
 ## explicit; go 1.13
 github.com/containerd/console
-# github.com/containerd/containerd v1.7.1
+# github.com/containerd/containerd v1.7.2
 ## explicit; go 1.19
 github.com/containerd/containerd/api/services/content/v1
 github.com/containerd/containerd/archive/compression
@@ -498,7 +498,7 @@ github.com/mitchellh/go-wordwrap
 # github.com/mitchellh/mapstructure v1.5.0
 ## explicit; go 1.14
 github.com/mitchellh/mapstructure
-# github.com/moby/buildkit v0.11.0-rc3.0.20230530080511-c36941f4a10e
+# github.com/moby/buildkit v0.11.0-rc3.0.20230609092854-67a08623b95a
 ## explicit; go 1.20
 github.com/moby/buildkit/api/services/control
 github.com/moby/buildkit/api/types
@@ -513,6 +513,7 @@ github.com/moby/buildkit/client/ociindex
 github.com/moby/buildkit/cmd/buildkitd/config
 github.com/moby/buildkit/exporter/containerimage/exptypes
 github.com/moby/buildkit/exporter/containerimage/image
+github.com/moby/buildkit/exporter/exptypes
 github.com/moby/buildkit/frontend/attestations
 github.com/moby/buildkit/frontend/dockerfile/dockerignore
 github.com/moby/buildkit/frontend/dockerui